brainstorm
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection as it processes untrusted data from existing requirement files.
- Ingestion points: The skill loads existing requirements from the '.requirements/{domain}/synthesis/' directory during the setup phase.
- Boundary markers: No specific delimiters or 'ignore' instructions are used to isolate ingested content from the brainstorming instructions.
- Capability inventory: The skill is authorized to use tools including 'Read', 'Write', 'Glob', 'Grep', and 'Task'.
- Sanitization: There is no evidence of validation or sanitization of the content retrieved from the file system before it is interpolated into AI prompts.
- [SAFE]: No high-severity security issues were detected. The skill's operations are limited to the local file system within project-specific directories, and there are no external network connections, hardcoded credentials, or remote code execution patterns.
Audit Metadata