arch-api
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [NO_CODE]: The skill consists entirely of markdown documentation and YAML metadata and contains no executable script files or binaries.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface through the ingestion of untrusted external data. 1. Ingestion points: File paths and source code directories are accepted via the --input and --from-code flags. 2. Boundary markers: The instructions lack delimiters or safety markers to prevent the agent from executing instructions found within input files. 3. Capability inventory: The skill utilizes the local filesystem for writing output files and interacts with the OpenClaw CLI. 4. Sanitization: No explicit mention of input validation or content filtering is provided for the files processed by the skill.
Audit Metadata