domain-model
Pass
Audited by Gen Agent Trust Hub on Apr 26, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, hardcoded credentials, or dangerous execution patterns were detected in the skill instructions or format templates.\n- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection because it is instructed to explore and process data from the project codebase, though the risk is negligible given its restricted capabilities.\n
- Ingestion points: Source code files in the
src/directory,CONTEXT.md, and Architecture Decision Records (ADRs).\n - Boundary markers: Absent; no specific delimiters or instructions are provided to distinguish codebase content from instructions.\n
- Capability inventory: The skill is limited to reading the codebase and creating/updating markdown documentation. It has no access to network tools or arbitrary code execution.\n
- Sanitization: Absent; the skill processes and incorporates information from the codebase directly into documentation updates.
Audit Metadata