adr-writing
Pass
Audited by Gen Agent Trust Hub on Apr 12, 2026
Risk Level: SAFE, COMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill is designed for documentation workflows and does not exhibit malicious traits. No unauthorized data access or network communication was detected in the skill's logic or scripts.
- [COMMAND_EXECUTION]: The skill executes a local Python script, scripts/next_adr_number.py, to determine the next available ADR sequence number. This script is bundled with the skill and uses standard libraries to inspect filenames in the local directory, which is a benign operation.
- [PROMPT_INJECTION]: The skill contains a surface for indirect prompt injection as it ingests data from external sources like Pull Requests and issues to populate ADR sections. Given the restricted capabilities of the skill, the risk is negligible.
- Ingestion points: Processes external information from Pull Requests, issues, and related ADRs to fill context and driver sections.
- Boundary markers: Absent; the instructions do not specify delimiters to separate untrusted external content.
- Capability inventory: Includes executing a local numbering script and writing markdown files to a designated documentation directory.
- Sanitization: Absent; the skill relies on the agent's default handling of markdown input.
Audit Metadata