skills/bradautomates/second-brain/new/Gen Agent Trust Hub

new

Pass

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted natural language input from the $ARGUMENTS variable to create and modify files in a workspace.
  • Ingestion points: User input is ingested directly via the $ARGUMENTS variable in SKILL.md.
  • Boundary markers: The instructions do not define clear delimiters or warnings to treat the $ARGUMENTS content strictly as data, increasing the risk that embedded instructions could be obeyed by the agent.
  • Capability inventory: The skill has access to Write and Edit tools, allowing it to persist potentially malicious content to the file system based on user input.
  • Sanitization: There is no mention of sanitizing entity names, slugs, or content, which could lead to secondary issues such as path manipulation or command injection if processed by other tools later.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 17, 2026, 07:41 AM
Security Audit — agent-trust-hub — new