brainstorming
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [Indirect Prompt Injection] (HIGH): The skill in 'SKILL.md' processes untrusted user ideas to generate architectural designs and documentation. Because it has the capability to write files and manage workspace environments, it presents a vulnerability where malicious data could influence system-altering actions. Evidence: 1. Ingestion point: User input in Phase 1 and feedback in Phase 3. 2. Boundary markers: None defined to isolate user input from instructions. 3. Capability inventory: Writes design documents to 'docs/plans/' (Phase 4) and sets up git worktrees (Phase 5). 4. Sanitization: None present.
- [Unverifiable Dependencies] (MEDIUM): 'SKILL.md' references several sub-skills (e.g., 'superpowers:using-git-worktrees', 'superpowers:writing-plans', 'elements-of-style:writing-clearly-and-concisely') that originate from unverified sources not included in the trusted organizational list.
- [Data Exposure & Exfiltration] (SAFE): No patterns of sensitive file access (e.g., credentials or SSH keys) or unauthorized network activity were detected.
- [Prompt Injection] (SAFE): The instruction set does not contain internal directives to bypass safety protocols or override system behavior.
Recommendations
- AI detected serious security threats
Audit Metadata