ultrawork
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill facilitates the execution of system commands, such as package installations, builds, and test suites, through instructions to delegate tasks to sub-agents and utilize background execution features.- [PROMPT_INJECTION]: The skill describes an orchestration pattern that presents a surface for indirect prompt injection.
- Ingestion points: User-provided task descriptions are ingested in the SKILL.md and passed directly to sub-agents via the
spawn_sub_agenttool. - Boundary markers: The skill does not define specific delimiters or instructions to ignore embedded commands within the interpolated user prompts.
- Capability inventory: The skill utilizes
spawn_sub_agentfor task delegation and supports shell command execution through therun_in_backgroundparameter. - Sanitization: No input validation or sanitization of the user-provided task descriptions is specified in the execution policy or steps.
Audit Metadata