battleship-brainstorm
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill defines an indirect prompt injection surface by instructing the agent to read and incorporate content from various local files into its brainstorming logic.
- Ingestion points: The agent reads all files within a
context/folder and specifically looks forproblem-framing.md,hmw-opportunities.md, anddot-vote-*.md. - Boundary markers: The instructions do not define delimiters or provide warnings to the LLM to ignore instructions that may be embedded within these external files.
- Capability inventory: The skill's capabilities are limited to reading from and writing to the local filesystem (e.g., creating
battleship-brainstorm.md). It does not contain network request functions, shell command execution, or dynamic code evaluation. - Sanitization: There is no evidence of input validation, filtering, or escaping of the content retrieved from the workspace files before it is processed by the agent.
Audit Metadata