brainstorm
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill employs persona-based instructions to act as a "senior engineering partner" and uses control directives like "Immediately enter plan mode" to manage the agent's internal state. These are standard instructional techniques used to define the skill's behavior and do not attempt to override safety guidelines or bypass filters.
- [EXTERNAL_DOWNLOADS]: The skill is configured to use
WebSearchandWebFetchto retrieve technical documentation, best practices, and library information. These tools are used legitimately to provide up-to-date engineering context during brainstorming sessions. - [COMMAND_EXECUTION]: The instructions call for the use of internal workflow management tools such as
TaskCreateandEnterPlanMode. These are used to structure the conversation and ensure that no accidental file modifications occur during the thinking phase. - [DATA_EXFILTRATION]: The skill accesses the local codebase through standard exploration tools like
Read,Grep, andLSP(Language Server Protocol). This data access is necessary for the skill's primary function and there is no evidence of unauthorized data transmission to external domains.
Audit Metadata