Skills
skills/rube-de/cc-skills/brainstorm/Gen Agent Trust Hub

brainstorm

Pass

Audited by Gen Agent Trust Hub on Apr 20, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute standard git commands (git log) and GitHub CLI commands (gh issue list) to gather project context. These operations are limited to read-only information gathering within the developer's environment.
  • [DATA_EXPOSURE]: The workflow involves reading local project files, including READMEs and source code, using Read, Grep, and Glob tools. This data access is used to ground the design process in the actual codebase but does not involve transmission of sensitive secrets.
  • [EXTERNAL_DOWNLOADS]: Utilizes WebSearch and WebFetch to conduct domain research for topics that may be outside the current project scope. The skill instructions explicitly state that this research is used to inform questions and design rather than being returned directly to the user.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by processing untrusted data from the local repository (such as commit messages, issue descriptions, and file contents).
  • Ingestion points: Reads project files, git logs, and issue lists during the context gathering phase (Step 1).
  • Boundary markers: The skill does not explicitly define delimiters or instructions to ignore embedded commands within the files it reads.
  • Capability inventory: The skill has access to Bash, Write, WebSearch, and WebFetch tools.
  • Sanitization: There is no specific logic described for sanitizing or filtering instructions that might be embedded in the ingested project data.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 20, 2026, 05:28 AM