brainstorming

Pass

Audited by Gen Agent Trust Hub on Mar 7, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: In SKILL.md, the skill ingests user-provided topic strings and local codebase content, which are then interpolated into sub-agent prompts. This creates a surface for indirect prompt injection, as external content is used to influence agent behavior without sanitization.
    • Ingestion points: User arguments ($ARGUMENTS) and project files (e.g., README.md) read via Grep and Glob during Phase 0 and Phase 1 discovery.
    • Boundary markers: Not used in sub-agent prompt definitions.
    • Capability inventory: File reading, task tracking, and sub-agent orchestration.
    • Sanitization: No filtering or escaping is applied to the ingested data.
  • [COMMAND_EXECUTION]: Documentation templates in scripts/create-design-doc.md and scripts/design-doc-template.md use hardcoded shell commands such as git config and date to auto-populate metadata. These executions are limited to standard system utilities for documentation purposes.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 7, 2026, 05:30 AM