brainstorming
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill launches a local Node.js server via shell scripts (`start-server.sh`) to power the visual companion. This execution is limited to the local environment and intended for UI rendering and event handling.
- [PROMPT_INJECTION]: The skill processes project files and records user interactions from the browser into a `.events` file. This creates an indirect prompt injection surface where malicious content in the project or manipulated browser events could influence the agent's behavior. However, this is an inherent risk of analysis tools and is mitigated by the agent's instructions and standard safety guardrails.
- [DATA_EXFILTRATION]: The Node.js server serves files from a temporary session directory to provide visual previews. It includes a check using `path.basename` to prevent directory traversal attacks, ensuring only files within the designated session folder are accessible.
Audit Metadata