brief
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through the use of the $ARGUMENTS placeholder in templates/brief-template.md. This ingestion point allows untrusted user input to be written directly to generated brief.md and requirements.md files. There are no boundary markers or sanitization procedures defined to prevent malicious input from influencing the agent during subsequent processing of these documents.
- Ingestion points: templates/brief-template.md (via $ARGUMENTS).
- Boundary markers: Absent.
- Capability inventory: File-write operations to the local workspace for documentation files.
- Sanitization: Absent.
Audit Metadata