skills/cfircoo/the-ai-brain/brain-new/Gen Agent Trust Hub

brain-new

Pass

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its core function of routing raw user input to behavioral configuration files.
  • Ingestion points: Unstructured user input (tasks, notes, ideas) ingested in the SKILL.md triage process.
  • Boundary markers: The protocol lacks explicit boundary markers or delimiters to differentiate between data to be stored and instructions to the agent.
  • Capability inventory: The skill has permissions to write to sensitive locations such as Machine/Memory/corrections.md and Machine/Rules/active-rules.md, which are intended to influence future agent behavior.
  • Sanitization: There is no evidence of input validation or sanitization to prevent malicious instructions from being persisted in the vault.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 17, 2026, 01:46 AM