compare-architectures
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes a Python script located at '.claude/skills/bmad-commands/scripts/read_file.py' to ingest architectural documentation. This command is used to read and output file content as JSON for the agent to process.
- [SAFE]: All operations are performed locally within the defined workspace. The skill generates output in the 'docs/' directory and does not attempt to access sensitive system locations, hardcoded secrets, or external URLs.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection because it ingests and processes untrusted data from external architecture documents and user-provided requirements.
  1. Ingestion points: Reads the file path provided in the 'current_architecture' input and parses the 'new_requirements' string.
  2. Boundary markers: The instructions do not specify the use of delimiters or protective headers when interpolating external content.
  3. Capability inventory: The skill can read local files through a helper script and write new markdown files to the 'docs/' directory.
  4. Sanitization: There is no evidence of content filtering or input sanitization for the ingested data before it is analyzed by the agent.
Audit Metadata