brainstorming

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
Findings: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • Indirect Prompt Injection (HIGH): The skill is designed to ingest untrusted data from the project environment which can lead to unauthorized instruction execution.
  • Ingestion points: Reads existing project files, documentation, and recent git commit history (SKILL.md).
  • Capability inventory: Writes design documents to docs/plans/, executes git commit, and initiates git worktrees via referenced skills.
  • Boundary markers: Absent. There are no instructions to the agent to ignore or delimit instructions found within the project files it reads.
  • Sanitization: Absent. The skill does not describe any validation or filtering of the content it reads before processing it for design decisions.
  • Command Execution (LOW): The skill explicitly instructs the agent to perform filesystem writes and git operations. While expected for a development tool, these capabilities increase the impact of a successful prompt injection attack.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 12:43 PM