brainstorming-cn

Pass

Audited by Gen Agent Trust Hub on Jun 21, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Manages a local Node.js server via shell scripts.
  • The skill uses scripts/start-server.sh and scripts/stop-server.sh to control the lifecycle of a visual companion server.
  • It spawns a Node.js process using scripts/server.cjs which utilizes only built-in Node.js modules (http, fs, path, crypto).
  • [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection through project data analysis.
  • Ingestion points: The skill instructions in SKILL.md require the agent to read project files, documentation, and git commit history (探索项目上下文) to understand project requirements.
  • Boundary markers: There are no explicit instructions to use delimiters or ignore embedded instructions when reading external project data.
  • Capability inventory: The skill can execute shell commands (git, server management), write files (PRDs and HTML prototypes), and run a local HTTP/WebSocket server.
  • Sanitization: No validation or sanitization of ingested project content is specified.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 21, 2026, 06:42 AM
Security Audit — agent-trust-hub — brainstorming-cn