braiins-os
Pass
Audited by Gen Agent Trust Hub on Feb 14, 2026
Risk Level: LOWPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill ingests and processes untrusted data from external sources (GitHub issues).
- Ingestion points: GitHub issue summaries are stored in
references/bos-plus-api-issues.mdandreferences/braiins-os-feeds-issues.md. - Boundary markers: Absent. The issue content is presented as plain markdown without delimiters or 'ignore instructions' warnings.
- Capability inventory: The skill is informational, providing documentation that influences agent reasoning and API integration decisions. It does not contain direct execution tools.
- Sanitization: Absent. The content appears to be a raw scrape of GitHub issue titles and descriptions.
- [Data Exposure] (SAFE): No sensitive files or hardcoded credentials detected. Issue #18 mentions authentication tokens in a general sense but does not expose any secrets.
- [Remote Code Execution] (SAFE): No package managers, install scripts, or remote code download patterns were detected. The skill consists entirely of markdown reference files.
Audit Metadata