laravel-brainstorming
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill's design involves reading local project files, which creates a surface for indirect prompt injection if those files contain malicious instructions.
- Ingestion points: Analyzes Laravel-specific files including routes, models, migrations, and recent git commits.
- Boundary markers: Lacks explicit instructions or delimiters to prevent the agent from following directives embedded in the analyzed source code.
- Capability inventory: Includes capabilities for writing to the local filesystem (docs/designs/) and executing git commands.
- Sanitization: No content validation or sanitization is specified for data ingested from the project environment.
- [COMMAND_EXECUTION]: The skill instructs the agent to perform 'git commit' operations to persist design documents.
- [NO_CODE]: The skill consists of prompt-based instructions and documentation without including any executable scripts or binary files.
Audit Metadata