Skills
AGENT LAB: SKILLS
skills/xbklairith/kisune/brainstorming/Gen Agent Trust Hub

brainstorming

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: CRITICALPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • PROMPT_INJECTION (LOW): Indirect Prompt Injection surface detected. The skill is designed to ingest and process untrusted external data which could contain malicious instructions.
  • Ingestion points: WebSearch, WebFetch, and file Read operations are used to gather context (SKILL.md).
  • Boundary markers: Absent; the skill does not define delimiters or instructions to ignore commands within fetched data.
  • Capability inventory: Access to Bash (with curl), Write, and Read tools across the workspace (SKILL.md).
  • Sanitization: Absent; external research is directly used to generate design documents.
  • COMMAND_EXECUTION (LOW): The skill utilizes the Bash tool specifically to run curl for API endpoint exploration. While intended for architectural research, this command execution capability is accessible to the agent and could be misused if the agent's instructions are overridden via indirect injection.
  • EXTERNAL_DOWNLOADS (SAFE): An automated scanner flagged the string 'requirements.md' as a malicious URL. Technical review confirms this is a local documentation file path reference (e.g., docx/features/[NN-feature-name]/requirements.md) and the alert is a false positive triggered by the .md file extension.
Recommendations
  • Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata
Risk Level
CRITICAL
Analyzed
Feb 17, 2026, 06:26 PM