Skills
skills/htooayelwinict/claude-config/brainstorming/Gen Agent Trust Hub

brainstorming

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill's metadata requests access to the Bash tool (File: SKILL.md). Although the primary instructions emphasize brainstorming and explicitly state 'Do NOT implement solutions', the availability of a system shell is a high-privilege capability.
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection (Category 8).
  • Ingestion points: Untrusted external data is ingested via WebFetch, mcp_web-search-prime, and mcp_web-reader (File: SKILL.md).
  • Boundary markers: The skill does not define specific delimiters or 'ignore' instructions for external data.
  • Capability inventory: The agent has access to Bash, Grep, Glob, and Read tools (File: SKILL.md).
  • Sanitization: There is no evidence of sanitization or filtering of external input before it enters the agent's context.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 5, 2026, 07:13 AM