ideation
Pass
Audited by Gen Agent Trust Hub on Apr 12, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to ingest and process arbitrary user-provided 'brain dumps' (untrusted data) to generate structured documentation files. This presents a surface for indirect prompt injection where malicious instructions embedded in the user input could influence the agent's behavior during artifact generation.
- Ingestion points: User input in Phase 1 'Intake' (SKILL.md).
- Boundary markers: Absent. The instructions do not define clear delimiters for the user input or provide specific 'ignore embedded instructions' directives to the model.
- Capability inventory: The skill has the capability to write multiple files to the local filesystem under the
./docs/ideation/directory (SKILL.md). - Sanitization: Absent. The skill analyzes and converts raw user input directly into structured templates without a sanitization or validation layer.
Audit Metadata