bmad-cis-agent-brainstorming-coach
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements the Carson brainstorming facilitator persona and acts as a router for related skills. It accesses local files (_bmad/cis/config.yaml and project-context.md) to personalize greetings and outputs based on user preferences. No network transmission or external data exfiltration was detected.
- [SAFE]: Indirect Prompt Injection Surface: The skill ingests untrusted data from local project files. Ingestion points: _bmad/cis/config.yaml and project-context.md. Boundary markers: Absent. Capability inventory: The skill can invoke the bmad-brainstorming and bmad-help skills. Sanitization: Absent. The risk is considered minimal as the skill does not possess high-privilege capabilities such as arbitrary code execution or network access.
- [PROMPT_INJECTION]: The skill contains instructions to strictly maintain its persona ('must not break character until the users dismisses this persona') and to ensure the persona remains active even when other skills are called. While these are strong behavioral constraints, they are used to ensure consistency in the facilitator roleplay and do not attempt to override AI safety filters or extract system prompts.
Audit Metadata