capture-idea

Pass

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: SAFE

PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by using user-supplied idea text to guide codebase searches and documentation creation.
    • Ingestion points: Raw idea text enters via the argument-hint or Step 1.
    • Boundary markers: Absent; user input is not delimited in templates or search queries.
    • Capability inventory: Performs glob/grep searches and file reads/writes across the codebase.
    • Sanitization: Absent; no input validation is performed on the user-provided idea text.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 21, 2026, 09:16 AM