architecture-advisor
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill uses a synchronization script (scripts/sync-references.sh) to fetch architecture reference data from the author's GitHub repository (https://github.com/cristoslc/architecture-reference) using git clone. This is a documented vendor-owned resource used to populate the skill's reference library.
- [COMMAND_EXECUTION]: The skill executes local bash scripts (scripts/sync-references.sh) and utilizes system tools like mkdir, grep, and glob for data management, codebase analysis, and report generation.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes untrusted data from the user's codebase and external reference catalogs.
  - Ingestion points: Reads files from the user's local codebase (via Read and Grep) and the synced references/ directory.
  - Boundary markers: None identified; instructions do not provide delimiters or warnings to ignore instructions within the analyzed content.
  - Capability inventory: The skill possesses Bash execution capabilities for script running and directory creation, along with broad file system read access.
  - Sanitization: No evidence of sanitization or validation of external content before it is used to synthesize architecture recommendations.