brain-organizer
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFE PROMPT_INJECTION NO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill uses imperative language such as 'MANDATORY' and 'ZERO TOLERANCE' to enforce strict adherence to file naming and positioning rules for internal application logic.
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface analysis:
  - Ingestion points: User-provided canvas names and node content (SKILL.md).
  - Boundary markers: YAML delimiters are used in file templates.
  - Capability inventory: No subprocess, network, or arbitrary file-write capabilities are defined.
  - Sanitization: A specific algorithm is provided to sanitize file names from user input, though node content has no explicit sanitization rules.
- [NO_CODE]: The skill consists entirely of markdown instructions and templates; it contains no scripts, binaries, or executable logic.