brainstorming
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): The skill description contains imperative language ('You MUST use this') to establish its role in the development workflow. This is interpreted as a legitimate functional instruction for the agent rather than a safety bypass.
- [Indirect Prompt Injection] (SAFE): The skill accesses project files and history to gather context. 1. Ingestion points: Project files, documentation, and git commits (mentioned in 'Understanding the idea'). 2. Boundary markers: Not present. 3. Capability inventory: Writing to files (via 'todos_oneshot') and git repository management (via 'git-worktrees'). 4. Sanitization: Not present. This surface is considered low risk and inherent to the tool's utility.
Audit Metadata