gsp-project-brief
Pass
Audited by Gen Agent Trust Hub on Apr 11, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill processes project-specific data like BRIEF.md and config.json, which introduces an indirect prompt injection surface.
- Ingestion points: BRIEF.md, config.json.
- Boundary markers: None.
- Capability inventory: Read, Write, Bash, Grep, Glob.
- Sanitization: None.
- [COMMAND_EXECUTION]: The Bash tool is utilized for project structure navigation and path resolution tasks within the design system directory.
- [SAFE]: The skill does not perform external network requests, use obfuscation, or attempt persistence mechanisms.
Audit Metadata