Skills
skills/prakharmnnit/skills-and-personas/idea-capturer/Gen Agent Trust Hub

idea-capturer

Pass

Audited by Gen Agent Trust Hub on Feb 12, 2026

Risk Level: LOWNO_CODE
Full Analysis

The provided skill, 'idea-capturer', consists solely of a Markdown file (SKILL.md). This file describes a conceptual framework and workflows for idea management, including templates and best practices. There are no executable scripts, external API calls, package installations (npm, pip, yarn), or references to external URLs for code download. The content is purely instructional and descriptive.

Threat Category Analysis:

  1. Prompt Injection: No patterns indicative of prompt injection (e.g., 'IMPORTANT: Ignore', 'CRITICAL: Override', 'developer mode', 'DAN jailbreak') were found. The language is instructional for the user, not manipulative towards the AI.
  2. Data Exfiltration: No commands or code capable of accessing sensitive file paths (e.g., ~/.aws/credentials, ~/.ssh/id_rsa) or performing network operations (curl, wget, fetch, requests) were found. The skill is purely descriptive.
  3. Obfuscation: No Base64 encoding, zero-width characters, Unicode tag characters, homoglyphs, URL/percent encoding, hex escapes, or HTML entities used for malicious obfuscation were detected.
  4. Unverifiable Dependencies: No external dependencies or package installations are referenced or required.
  5. Privilege Escalation: No commands like sudo, chmod +x, or modifications to system files were found.
  6. Persistence Mechanisms: No attempts to write to shell configuration files (.bashrc, .zshrc), create cron jobs, or modify systemd/LaunchAgent files were found.
  7. Metadata Poisoning: The name and description fields in the front matter are benign and accurately reflect the skill's purpose.
  8. Indirect Prompt Injection: As the skill does not process external user-provided content (like emails or web pages), the risk of indirect prompt injection is not directly applicable to the skill's internal logic. However, as with any LLM interaction, the user's input to the skill could theoretically contain such injections, but the skill itself does not introduce this vulnerability.
  9. Time-Delayed / Conditional Attacks: No conditional logic based on dates, usage counters, or environment variables that could trigger malicious behavior was found.

Conclusion: The 'idea-capturer' skill is a purely descriptive, no-code skill. It presents no direct security vulnerabilities based on the provided content.

Audit Metadata
Risk Level
LOW
Analyzed
Feb 12, 2026, 07:05 AM