brainstorm
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill identifies a surface for indirect prompt injection where data from external sources (Sibyl memory) and user inputs are interpolated into agent instructions.
- Ingestion points: User keywords and output from
sibyl searchin 'Phase 1: GROUND' and 'Phase 5: CONVERGE'. - Boundary markers: Absent; the skill does not use delimiters or instructions to ignore embedded commands within the searched content.
- Capability inventory: Includes tool execution (
sibyl search,sibyl add), spawning of sub-agents for parallel research, and routing to other skills (/hyperskills:*). - Sanitization: No evidence of sanitization or validation of the content retrieved from Sibyl before it is presented or processed.
Audit Metadata