brainstorming
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: The skill consists entirely of markdown instructions and does not include any scripts, binaries, or executable code. It provides a purely conceptual framework for process knowledge.
- [PROMPT_INJECTION]: There is no evidence of malicious prompt injection, role-play overrides, or safety bypasses. The instructions are directed toward structured user engagement and clarification of requirements.
- [DATA_EXFILTRATION]: No network activity or sensitive file access was detected. The skill instructions suggest writing brainstorming results to a local documentation directory (
docs/brainstorms/), which is a standard development practice. - [REMOTE_CODE_EXECUTION]: The skill does not perform any remote code downloads or execution patterns. References to external workflows (e.g.,
/workflows:plan) appear to be internal agent command references rather than shell commands or scripts. - [PROMPT_INJECTION]: Analysis for indirect prompt injection (Category 8):
- Ingestion points: The skill ingest user input during Phase 1 (Understand the Idea) and Phase 2 (Explore Approaches) in
SKILL.md. - Boundary markers: No explicit delimiters or boundary markers are defined for the generated output files.
- Capability inventory: The skill has the capability to write to the local file system (
docs/brainstorms/inSKILL.md). - Sanitization: No explicit sanitization or filtering of user-provided content is mentioned before it is written to the design document.
Audit Metadata