idea-generator

Pass

Audited by Gen Agent Trust Hub on Jun 22, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill serves as a standard generative module that leverages local context from files like MEMORY.md and standard web search tools to identify market trends. All identified behaviors align with its documented purpose.
  • [PROMPT_INJECTION]: The instructions focus on output quality, formatting, and validation logic (such as 'Tarpit detection'). No attempts to bypass safety filters or override system instructions were detected.
  • [DATA_EXFILTRATION]: There are no indicators of sensitive data exfiltration. The skill reads local project metadata and uses standard web search capabilities without transmitting secrets to external third-party domains.
  • [COMMAND_EXECUTION]: The skill does not invoke shell commands, execute scripts, or perform any runtime compilation, ensuring a safe execution environment.
  • [INDIRECT_PROMPT_INJECTION]: While the skill ingests untrusted data via web search results, it lacks the high-risk capabilities (such as file-system writes outside of project memory or arbitrary command execution) that would allow an attacker to exploit the agent context.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 22, 2026, 04:54 AM
Security Audit — agent-trust-hub — idea-generator