adr-methodology
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface through its multi-stage data ingestion and interpolation workflow.
- Ingestion points: User-provided problem descriptions, constraints, and options are collected during Stage 1 and persisted in .claude/adr-session.yaml.
- Boundary markers: The skill does not define explicit delimiters or instructions to ignore potentially malicious embedded commands when reading from the state file or generating the final ADR document.
- Capability inventory: The skill performs file read and write operations to the local project directory (.claude/ and docs/adr/) to maintain session state and produce documentation.
- Sanitization: There is no evidence of string validation, escaping, or sanitization of the architectural context before it is utilized in the analysis matrix or final MADR template output.
Audit Metadata