think-router
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWNO_CODE
Full Analysis
- [Prompt Injection] (SAFE): The skill contains no instructions designed to override AI safety protocols or bypass system constraints.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, network commands (curl/wget), or access to sensitive file paths (e.g., SSH keys, AWS configs) were found. The references to ~/.claude/db are internal application paths for skill management.
- [Remote Code Execution] (SAFE): The skill does not perform any external downloads or execute remote scripts.
- [Indirect Prompt Injection] (LOW): This skill acts as a router for user-provided queries. While it processes untrusted input to select a 'Thinking Mode', it contains no internal logic for execution or data exfiltration. It serves as a classification layer for downstream skills.
- [Persistence Mechanisms] (SAFE): There are no attempts to modify shell profiles, cron jobs, or system services.
- [Obfuscation] (SAFE): No encoded strings, homoglyphs, or hidden characters were detected in the metadata or descriptions.
Audit Metadata