brainstorming
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill is susceptible to indirect prompt injection because it ingests untrusted data from the local project environment to inform its brainstorming and design process.
- Ingestion points: The skill reads project files, documentation, and recent git commits (referenced in
SKILL.md). - Boundary markers: Absent. There are no delimiters or instructions to ignore embedded commands within the analyzed project data.
- Capability inventory: The skill can write files to the disk (
docs/plans/), commit changes to git, and trigger downstream skills likesuperpowers:writing-planswhich could lead to code generation based on poisoned designs. - Sanitization: Absent. No validation or escaping of the ingested project content is performed before processing.
Audit Metadata