platform-architect

Pass

Audited by Gen Agent Trust Hub on Mar 19, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses a local binary utility to perform repository inventory tasks.
    • Evidence: SKILL.md and scripts/platform_inventory.py instruct the agent to execute /home/bjorn/.codex/skill-support/bin/repo-inventory with various flags.
    • The utility is located in the author's home directory (/home/bjorn/), which corresponds to the skill author 'BjornMelin'.
  • [PROMPT_INJECTION]: The skill instructions create a surface for indirect prompt injection by prioritizing instructions found within the analyzed repository.
    • Ingestion points: The agent is instructed to read AGENTS.md from the target repository first for 'local constraints and canonical commands'.
    • Boundary markers: No explicit boundary markers or instructions to ignore embedded malicious prompts are provided when reading AGENTS.md.
    • Capability inventory: The skill has the capability to execute subprocesses (via platform_inventory.py) and access external documentation (via context7 and exa MCP tools).
    • Sanitization: No sanitization or validation of the content within AGENTS.md is performed before the agent adopts its instructions as constraints.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 19, 2026, 04:55 AM