architect-stack-selector
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill generates commands to add functional modules from the author's verified repository using
npx skills add ajrlewis/ai-skills. This follows the expected vendor resource pattern. - [COMMAND_EXECUTION]: The skill's workflow automates project scaffolding and validation steps. These actions are limited to the deployment of selected internal architectures and do not involve the execution of arbitrary external scripts.
- [PROMPT_INJECTION]: The skill uses user intent to determine component selection. This indirect prompt ingestion is mitigated by restricting choices to a predefined set of vendor skills and implementing a default human-in-the-loop review process.
- [SAFE]: No evidence of obfuscation, sensitive data access, or privilege escalation was found in the skill's instructions or metadata.
Audit Metadata