architecture-decision
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill retrieves data from local project files and existing ADRs to provide context for new records. This ingestion of untrusted data creates a surface for indirect prompt injection where malicious content in those files could influence the agent's behavior.
  - Ingestion points: The skill reads files from the docs/architecture/ directory and general project source code.
  - Boundary markers: There are no specified delimiters or instructions to ignore embedded commands within the read files.
  - Capability inventory: The skill is authorized to use Read, Glob, Grep, and Write tools to interact with the local filesystem.
  - Sanitization: No explicit sanitization or validation of the content read from files is performed before it is processed by the agent.
Audit Metadata