bmad-cis-agent-brainstorming-coach

Pass

Audited by Gen Agent Trust Hub on Apr 26, 2026

Risk Level: SAFE | COMMAND_EXECUTION | REMOTE_CODE_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local Python script during activation: python3 {project-root}/_bmad/scripts/resolve_customization.py --skill {skill-root} --key agent. This command is used to merge configuration data from various project-level TOML files.
  • [REMOTE_CODE_EXECUTION]: The skill is designed to process and execute sequences of actions defined in the activation_steps_prepend and activation_steps_append fields within configuration files. This allows for dynamic execution of logic defined outside the core instruction set.
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection by ingesting external data into the agent's working context.
      • Ingestion points: Content is read from local files like project-context.md (via glob patterns), config.yaml, and multiple customization TOML files.
      • Boundary markers: There are no explicit delimiters or instructions provided to the agent to ignore potentially malicious directions embedded within these ingested files.
      • Capability inventory: The skill can execute shell commands through Python and perform multi-step automated sequences during persona activation.
      • Sanitization: No content validation or escaping is applied to the data retrieved from external files before it is integrated into the session context.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 26, 2026, 05:56 AM