brainstorm-copilot
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [SAFE]: The skill establishes a robust interaction model for brainstorming, utilizing the `ask_user` tool to prevent overwhelming the user and ensuring requirements are understood before generating outputs.
- [PROMPT_INJECTION]: The skill contains a vulnerability surface for indirect prompt injection.
  1) Ingestion points: User requests and answers are collected via the initial prompt and the `ask_user` tool (SKILL.md).
  2) Boundary markers: No delimiters or ignore instructions are present in the Plan Delegation Template to isolate user-provided content.
  3) Capability inventory: The skill can delegate to a general-purpose agent via the `task` tool to create implementation plans.
  4) Sanitization: No sanitization or escaping of the user-provided 'brainstorm output' is performed before it is interpolated into the task prompt.
- [EXTERNAL_DOWNLOADS]: The `web_search` tool is included for reference gathering. While it accesses external content, it does not involve the installation or execution of remote code.
Audit Metadata