brainstorm
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious behavior, obfuscation, or unauthorized commands were detected. The skill provides architectural advice and includes safety constraints, such as explicitly instructing the agent never to modify code unless requested.\n- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting external data, though the risk is low due to limited capabilities.\n
- Ingestion points: The skill processes user-supplied arguments and reads content from the local codebase (SKILL.md).\n
- Boundary markers: There are no explicit delimiters or warnings provided to the agent to disregard instructions found within the ingested data.\n
- Capability inventory: The agent's actions are restricted to web searching and providing recommendations; it has no permissions for automated code execution or external data transmission.\n
- Sanitization: No input validation or filtering is performed on the ingested content.
Audit Metadata