brief
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No malicious instructions or bypass attempts detected in the prompt logic.
- [Data Exposure & Exfiltration] (SAFE): No sensitive file access or network communication identified. Operations are confined to project documentation paths.
- [Indirect Prompt Injection] (SAFE): The skill reads existing brief files (e.g., ideas/[project]/project-brief.md) as part of its primary function. (1) Ingestion points: existing brief files; (2) Boundary markers: absent; (3) Capability inventory: Read, Write, Edit, Glob, Grep; (4) Sanitization: absent. The risk is considered SAFE as the ingestion is required for functionality and tools are limited to local file editing.
- [Remote Code Execution] (SAFE): No external packages or remote code execution patterns were found.
Audit Metadata