Architecture Audit
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes PowerShell scripts to perform recursive file system searches (
Get-ChildItem,Select-String). These operations are used to audit project versions, search for deprecated terminology, and validate the existence of local documentation links. - [PROMPT_INJECTION]: A surface for indirect prompt injection exists because the skill processes untrusted data from the user's project files (Markdown, JSON, and TypeScript).
- Ingestion points: Reads various project artifacts including
package.json,CHANGELOG.md, and all files insrc/anddocs/folders (documented inSKILL.md). - Boundary markers: The skill does not define specific delimiters or instructions to ignore embedded commands within the audited files.
- Capability inventory: Performs PowerShell-based file system reads and pattern matching (documented in
SKILL.md). - Sanitization: No explicit sanitization or validation of the content read from files is performed before processing.
Audit Metadata