ideation
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill reads local project documentation and git history to establish context. This data access is necessary for the ideation process and remains within the agent's environment.
- [COMMAND_EXECUTION]: The skill can initiate GitHub issue creation or call other installed skills (e.g., requirements definition tools) based on user confirmation. These are intended functional integrations.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests project data (files, commits) that could contain malicious instructions. However, the risk is considered low as the skill's capabilities are limited to documentation and issue creation.
  - Ingestion points: Project files, documentation, and recent commits are read in Step 1.
  - Boundary markers: No specific delimiters or markers are defined for the ingested context data.
  - Capability inventory: The skill writes markdown files and can create GitHub issues.
  - Sanitization: No explicit sanitization of the input project data is performed.