skills/compozy/kb/cy-idea-factory/Gen Agent Trust Hub

cy-idea-factory

Pass

Audited by Gen Agent Trust Hub on Apr 15, 2026

Risk Level: SAFE

PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection through its ingestion of external data.
      • Ingestion points: Untrusted data enters the agent context through web search results during the research phase (Step 3) and codebase exploration.
      • Boundary markers: There are no instructions to use delimiters or ignore embedded instructions when processing the results from web tools or codebase reads.
      • Capability inventory: The agent has the ability to create directories and write files (.compozy/tasks//_idea.md, .compozy/tasks//adrs/) based on the processed content.
      • Sanitization: The skill lacks explicit sanitization or validation steps for the content retrieved from external sources before it is drafted into the final specification.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 15, 2026, 12:15 AM