Skills
skills/romiluz13/cc10x/brainstorming/Gen Agent Trust Hub

brainstorming

Pass

Audited by Gen Agent Trust Hub on Apr 19, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect Prompt Injection Surface detected.\n
  • Ingestion points: The skill reads untrusted data from existing project specification files (e.g., SPEC.md) and collects user responses via the AskUserQuestion tool.\n
  • Boundary markers: The instructions lack specific delimiters or instructions for the agent to ignore or isolate potentially malicious instructions embedded within the ingested data.\n
  • Capability inventory: The skill possesses the Bash tool for executing system commands and the Write/Edit tools for modifying files, which could be leveraged if an injection were successful.\n
  • Sanitization: There is no evidence of validation or sanitization of external data before it is incorporated into the design output or internal context files.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 19, 2026, 07:09 PM