brainstorming
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill instructions involve exploring project context by reading files and git commits, creating a surface for indirect prompt injection.
- Ingestion points: The agent reads project files, documentation, and recent git history to understand the current state.
- Boundary markers: The skill does not define delimiters or specific instructions to ignore potential commands embedded in the files being read.
- Capability inventory: The skill has the capability to write design documents to the file system, perform git commits, and transition to the writing-plans skill.
- Sanitization: No sanitization or validation of the content retrieved from the project environment is specified.
Audit Metadata