idea-brief

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE, NO_CODE, PROMPT_INJECTION
Full Analysis
  • [NO_CODE]: The skill consists entirely of markdown instructions and role definitions for the AI agent. It does not include any executable scripts, binaries, or external dependencies.
  • [SAFE]: The skill reads and writes to specific local project files like GOAL.md and queries.md. It does not attempt to access sensitive directories such as SSH keys or environment secrets, nor does it perform any network operations.
  • [PROMPT_INJECTION]: The skill includes instructions to process external data, which presents a surface for indirect prompt injection.
    • Ingestion points: Reads GOAL.md, DECISIONS.md, and queries.md, which may contain user-provided content.
    • Boundary markers: None explicitly used during file ingestion.
    • Capability inventory: The skill is limited to reading and writing local text files; it lacks the capability to execute commands, run code, or exfiltrate data.
    • Sanitization: No explicit sanitization is defined for the content read from files.
    • Assessment: Since the agent cannot execute the data it processes, the risk of indirect injection remains low and is handled by the agent's internal safety layers.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 5, 2026, 09:17 AM