ultrathink
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
PROMPT_INJECTION, NO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface because it processes untrusted data from user-provided task descriptions and referenced files.
  * Ingestion points: Data enters the agent context via $ARGUMENTS and @ file syntax in SKILL.md and references/commands/ultrathink.md.
  * Boundary markers: There are no explicit delimiters or instructions to ignore embedded commands within the processed data.
  * Capability inventory: The skill delegates tasks to a Coder Agent instructed to write or edit code in SKILL.md and references/commands/ultrathink.md.
  * Sanitization: No logic for escaping, validating, or filtering external content is defined.
- [NO_CODE]: The skill files consist entirely of markdown instructions and metadata with no executable scripts, shell commands, or binary executables detected.
Audit Metadata