idea-md
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill is composed of markdown-based instructions and templates for generating documentation. It does not include executable scripts, shell commands, or third-party software dependencies.
- [PROMPT_INJECTION]: The skill identifies an ingestion surface for indirect prompt injection by reading repository artifacts (like READMEs and specifications) and conversation history to synthesize output. While this could allow malicious content in those files to influence the document's content, the risk is minimal as the agent's capabilities are restricted to document creation.
- Ingestion points: Existing Idea.md files, repository files (README, specs, roadmap), and user conversation history.
- Boundary markers: No delimiters or protective instructions are used to separate ingested content from the generation prompt.
- Capability inventory: The agent reads project files and writes a markdown file.
- Sanitization: The skill does not provide instructions to sanitize or validate the content of the ingested files.
Audit Metadata