bmad-idea
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill's installation and reference documentation point to external GitHub repositories (supercent-io/skills-template and bmad-code-org/bmad-module-creative-intelligence-suite) that are not managed by trusted vendors.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it interpolates untrusted user content into workflows that have access to powerful system tools.
- Ingestion points: Untrusted data enters via user prompts for ideation, design thinking, and storytelling agents in SKILL.md.
- Boundary markers: No specific delimiters or safety instructions are used to isolate user data from agent logic in SKILL.toon or REFERENCE.md.
- Capability inventory: The skill is configured with 'Bash' and 'Write' tool access in SKILL.md, allowing command execution and file modification.
- Sanitization: There is no evidence of sanitization or validation for the content processed by the agents in any of the analyzed files.
Audit Metadata