critique
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes untrusted data from local project files that could contain hidden instructions intended to override the agent behavior.
- Ingestion points: 'ideas/{project}/project-brief.md', 'competitive-analysis.md', 'README.md', and 'resources/research/*.md'.
- Boundary markers: Absent. The skill does not implement delimiters or 'ignore' instructions for the content of these files.
- Capability inventory: The skill has access to file system tools including Read, Write, Edit, Glob, and Grep.
- Sanitization: Absent. Content is loaded directly into the agent's context without filtering or validation.
- [Data Exposure & Exfiltration] (SAFE): The skill reads local files but has no network tools (e.g., curl, fetch) to exfiltrate data.
- [Unverifiable Dependencies] (SAFE): No external scripts or packages are downloaded or executed.
Audit Metadata