architecture-review
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
Full Analysis
- [Category 4: Unverifiable Dependencies & Remote Code Execution] (SAFE): No external package installations or remote script executions were found in the provided files.
- [Category 2: Data Exposure & Exfiltration] (SAFE): The skill performs local file system operations (find, grep) to analyze project structure. No network calls or exfiltration patterns to external domains were identified.
- [Category 8: Indirect Prompt Injection] (LOW): The skill analyzes untrusted data (user source code) and suggests shell commands for inspection. This represents a potential attack surface if an attacker could manipulate file names or contents to exploit shell behavior, though the provided commands are standard and restricted to file discovery.
- Ingestion points: Files located within
src/main/javavia theAnalysis Commandssection inSKILL.md. - Boundary markers: Absent; the skill does not explicitly use delimiters when processing file content in its prompts.
- Capability inventory: Uses read-only shell utilities including
find,grep,xargs, andsortfor static analysis. - Sanitization: No explicit sanitization of file paths or contents is specified.
- [Category 5: Privilege Escalation] (SAFE): The skill does not request or use elevated privileges such as
sudoor modify system-level configurations.
Audit Metadata