brainstorming
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill instructs the agent to read current project files, documentation, and commit history to establish context. This behavior creates an ingestion point for potentially untrusted data that could contain malicious instructions designed to influence the agent's behavior during the brainstorming or documentation phase.\n
- Ingestion points: Local filesystem (files, docs, recent commits) as specified in SKILL.md.\n
- Boundary markers: Absent; there are no instructions to the agent to ignore or delimit potentially malicious instructions found within the project data.\n
- Capability inventory: Writing design documents to
docs/plans/, performing git commits, and invoking external skills for worktree management and planning.\n - Sanitization: Absent; the skill does not suggest any filtering or validation of the ingested project data before it is incorporated into the design process.
Audit Metadata