brainstorming
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by processing external project data.
- Ingestion points: The agent is instructed to explore project context by checking files, documentation, and recent commits.
- Boundary markers: There are no explicit instructions or delimiters to ensure the agent ignores malicious instructions that might be embedded within these project files.
- Capability inventory: The agent has the ability to write design documents to the file system, commit changes to git, and invoke the writing-plans skill.
- Sanitization: The skill does not specify any validation or sanitization of the content retrieved from the project files.
Audit Metadata