architecture-spec

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it processes untrusted content from the repository and uses it to generate output that can be published to external platforms.
  • Ingestion points: The skill ingests changed_files, diff_summary, and diff_snippets directly from the repository's git history as defined in SKILL.md.
  • Boundary markers: There are no boundary markers or delimiters defined to separate the untrusted diff content from the agent's instructions, nor are there warnings to ignore instructions embedded within the code snippets.
  • Capability inventory: The skill possesses the capability to publish content to an external service via the notion.create_page tool call referenced in subskills/notion-page-publisher.md.
  • Sanitization: The skill does not implement any sanitization or escaping mechanisms for the external data before it is interpolated into the prompts for documentation generation.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 29, 2026, 06:06 AM