adr-create
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses a bash command chain to determine the next numeric index for new documentation files. Evidence: The command ls docs/adrs/ 2>/dev/null | grep -o 'ADR-[0-9]*' | sort -t- -k2 -n | tail -1 is executed in Step 3. Analysis: This command sequence is used for a legitimate purpose and incorporates filtering via grep that prevents malicious file names from affecting the shell pipeline.
- [DATA_EXFILTRATION]: The skill performs local file system reads and writes to manage documentation. Evidence: File system access is limited to the docs/adrs/ directory for reading file names and writing new ADRs. Analysis: There is no evidence of access to sensitive system files or network-based data transmission.
- [PROMPT_INJECTION]: The skill captures user input to populate the content of the ADR documentation. 1. Ingestion points: User responses describing the decision, context, and alternatives in Step 1. 2. Boundary markers: Absent. 3. Capability inventory: Local file writing within the docs/adrs/ path. 4. Sanitization: None. Analysis: This represents an indirect prompt injection surface; however, the data is stored in static markdown files and is not processed as executable instructions, limiting potential impact.
Audit Metadata