gsp-brand-strategy
Pass
Audited by Gen Agent Trust Hub on Apr 11, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill follows established workflows for brand development, including research synthesis, user consultation for archetypes and positioning, and structured output generation. No signs of obfuscation, credential harvesting, or unauthorized remote code execution were found.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by ingesting data from local project files and inlining them into a sub-agent prompt.
- Ingestion points: Loads content from .design/branding/{brand}/BRIEF.md, discover/INDEX.md, and various discover/audit chunks from the {BRAND_PATH} directory.
- Boundary markers: Absent. The instructions do not specify delimiters for the interpolated file content passed to the gsp-brand-strategist agent.
- Capability inventory: The spawned agent has the ability to write files to the project directory and invoke other agent tools.
- Sanitization: Absent. There is no evidence of content filtering or validation for the ingested files before they are processed by the LLM.
Audit Metadata