architecture-review
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes multiple shell commands for file discovery and metadata extraction, including `find`, `grep`, `git status`, and `ls`.
- [COMMAND_EXECUTION]: External developer tools `pydeps` and `madge` are invoked to perform dependency graph analysis and circular dependency detection.
- [PROMPT_INJECTION]: The skill has a significant attack surface for Indirect Prompt Injection.
  - Ingestion points: The workflow involves reading and analyzing Architecture Decision Records (ADRs) and source code across the repository.
  - Boundary markers: No delimiters or safety instructions are used to distinguish analyzed code content from the agent's internal instructions.
  - Capability inventory: The agent can execute shell commands, run python/node analysis tools, and access the local file system.
  - Sanitization: External data from the analyzed codebase is processed without explicit sanitization or filtering.
- [COMMAND_EXECUTION]: The `coupling-analysis.md` module utilizes `python -c` to execute an inline script that processes data piped from `grep`.
- [COMMAND_EXECUTION]: The skill includes instructions to execute `pytest` on its own test suite for logic verification.
Audit Metadata