brainstorm
Pass
Audited by Gen Agent Trust Hub on Apr 19, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill performs legitimate research-related tasks, including reading workspace notes and writing hypotheses to a designated file. It does not engage in network exfiltration or dangerous command execution.\n- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface because it processes untrusted data from research papers and literature files.\n
- Ingestion points: The skill reads various Markdown files and paper summaries from
reaper-workspace/notes/andreaper-workspace/papers/, as well as a user-provided[context-hint]argument.\n - Boundary markers: The instructions do not specify any delimiters or safety warnings for the agent when processing this external data.\n
- Capability inventory: The skill's capabilities are restricted to reading research notes and writing new hypotheses to
reaper-workspace/notes/ideas.md. It does not utilize network or subprocess execution tools.\n - Sanitization: No explicit sanitization or validation of the input content is performed.
Audit Metadata