brainstorming
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill metadata uses a directive ('You MUST use this skill before any creative or complex work') aimed at mandating specific agent behavior and workflow priority.- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface by design, as it ingests data from the user's environment to inform its collaborative reasoning process.
- Ingestion points: Local project files, documentation, and git commit history accessed via subagents.
- Boundary markers: The instructions do not define specific delimiters or instructions to ignore embedded commands within the ingested files.
- Capability inventory: The skill reads files and git history, uses subagents for context gathering, and writes documentation to the
docs/directory. - Sanitization: There is no evidence of sanitization or filtering of the content read from the project environment.- [NO_CODE]: The skill is composed solely of instructions in markdown format and does not provide or install any executable scripts or binary dependencies.
Audit Metadata