secondbrain-adr
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns, deceptive instructions, or risky operations were found. The skill operates exclusively on the local file system within established project paths.
- [PROMPT_INJECTION]: The skill incorporates user-provided text (Decision Title and Context) into generated files, which represents an indirect prompt injection surface.
- Ingestion points: User-supplied 'Title' and 'Context' collected in Step 1 of the workflow (SKILL.md).
- Boundary markers: None; user content is interpolated directly into the markdown and YAML templates without explicit delimiters.
- Capability inventory: Creating and modifying files in docs/adrs/ and updating the YAML registry in .claude/data/adrs/records.yaml.
- Sanitization: None; the skill does not specify any validation, escaping, or filtering of user-supplied strings before insertion.
Audit Metadata