improve-codebase-architecture
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted content from the analyzed codebase, creating a surface for indirect prompt injection. 1. Ingestion points: Data enters via the Explore subagent in SKILL.md. 2. Boundary markers: Instructions do not provide delimiters or ignore-behavior markers for analyzed content. 3. Capability inventory: The skill writes Markdown RFCs to the filesystem and spawns multiple sub-agents. 4. Sanitization: No sanitization of ingested code content is performed.
Audit Metadata