idea-generator
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection attack surface as it processes untrusted data from the internet to perform its primary function.
- Ingestion points: The skill uses
WebSearchandWebFetchtools in Step 3 and Step 5 of theSKILL.mdfile to retrieve complaints and market data from Reddit and other public websites. - Boundary markers: No explicit delimiters or instructions are provided to the agent to treat external content as data only or to ignore instructions contained within that content.
- Capability inventory: The skill utilizes
ReadandWritetools to generate and store theidea-shortlist.jsonfile in the project root. - Sanitization: There is no evidence of sanitization, filtering, or validation of the web-fetched content before it is incorporated into the agent's brainstorming and scoring logic.
Audit Metadata