brainstorm-experiments
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a set of guidelines and a local utility script for product management tasks. No network access, sensitive file operations, or dangerous command executions were detected.
- [PROMPT_INJECTION]: A static detector flagged potential concealment instructions in the reference material. Upon manual review, phrases like 'Do not tell users it is manual' and descriptions of 'Wizard of Oz' tests were found to be standard product management terminology describing how to test product concepts with users, rather than instructions for the AI to deceive its own user. This is a false positive based on domain context.
- [COMMAND_EXECUTION]: The skill includes a Python script (
scripts/experiment_designer.py) intended for local execution. The script uses only Python standard libraries (argparse,json,sys), performs simple keyword matching to suggest experiment designs, and does not use dangerous functions likeeval()orexec().
Audit Metadata