brainstorming
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW | PROMPT_INJECTION | NO_CODE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill captures untrusted user input to generate persistent design documents.
  * Ingestion points: User intent and 'rough ideas' provided during collaborative dialogue in 'SKILL.md'.
  * Boundary markers: Absent; uses natural language flow without delimiters for user-provided data.
  * Capability inventory: File-write operations to 'docs/plans/' and version control commits via 'git'.
  * Sanitization: No sanitization or validation of the brainstormed content is performed before file creation.
- [No Code] (SAFE): The skill consists entirely of markdown instructions and does not include any scripts, executable binaries, or external package dependencies.
Audit Metadata