brainstorming

Pass

Audited by Gen Agent Trust Hub on Feb 23, 2026

Risk Level: SAFE
Category: COMMAND_EXECUTION
Full Analysis
  • [Command Execution] (SAFE): The skill performs read-only operations using ls to detect project structure and uses a local CLI (openspec) to list and show project specifications. These commands are hardcoded and do not incorporate unsanitized user input, posing no risk of command injection.
  • [Prompt Injection] (SAFE): The instructions follow a structured dialogue format and do not contain patterns intended to bypass AI safety filters, extract system prompts, or override agent constraints.
  • [Data Exposure & Exfiltration] (SAFE): No network operations or access to sensitive system files (e.g., SSH keys, AWS credentials) were found. The skill only interacts with project-specific files.
  • [Indirect Prompt Injection] (SAFE): While the skill processes user-provided ideas, its actions are limited to local read-only commands and guided dialogue. The capability surface is minimal and does not allow for file modification or remote data transfer based on user input.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 23, 2026, 05:28 AM