ce-brainstorm
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves a legitimate purpose for software engineering workflows and contains no evidence of malicious intent or unauthorized actions.
- [DATA_EXFILTRATION]: The skill includes functionality to upload requirements documents to Every's Proof editor for collaborative review. This is an intended feature developed by the author (everyinc) and involves sending document content to their managed service.
- [PROMPT_INJECTION]: The skill processes untrusted user input to define brainstorming topics. 1. Ingestion points: The #$ARGUMENTS variable in SKILL.md. 2. Boundary markers: The input is enclosed within <feature_description> tags. 3. Capability inventory: The skill can read project files and write requirements documents to docs/brainstorms/. 4. Sanitization: No specific sanitization or escaping of the user input is performed before interpolation into the prompt. The risk is considered safe due to the intended use case.
Audit Metadata