suggest
Pass
Audited by Gen Agent Trust Hub on May 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill is designed to suggest and facilitate the execution of commands (e.g.,
/arc:ideate) based on its analysis of the project. This is the primary function of the skill.- [PROMPT_INJECTION]: The skill features a surface for indirect prompt injection due to its intake of external, potentially untrusted data sources. - Ingestion points: The skill reads Linear issue descriptions (via MCP), codebase annotations such as TODOs and FIXMEs, and external data during 'Discovery mode' (market trends and competitor research).
- Boundary markers: There are no explicit delimiters or system instructions defined to prevent the agent from obeying instructions embedded within the processed codebase comments or issue descriptions.
- Capability inventory: The skill has the capability to spawn sub-agents for codebase exploration (via the Task tool) and execute workspace commands based on generated recommendations.
- Sanitization: No input sanitization or filtering logic is present to validate the content retrieved from external sources or codebase files before it is processed by the model.
Audit Metadata