archibald
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: Analysis of the skill instructions and reference materials found no malicious patterns, prompt injections, or unauthorized data access commands.- [NO_CODE]: The skill package is composed strictly of Markdown instructions and documentation. It does not include Python, Node.js, or other executable scripts, significantly reducing the potential attack surface.- [PROMPT_INJECTION]: The skill interacts with untrusted data by analyzing user-provided codebases and documentation (Workflow Step 3). While this creates a surface for indirect prompt injection, the risk is negligible as the skill lacks high-privilege capabilities such as network exfiltration or code execution; any injection would be limited to influencing the content of the architectural report.
- Ingestion points: Target architecture files, directory structure, build files, and documentation (SKILL.md, Step 1 & 3).
- Boundary markers: Absent. No instructions provided to ignore or escape instructions found within analyzed files.
- Capability inventory: File reading and detailed report generation; no network or shell execution capabilities observed.
- Sanitization: Absent. Content from analyzed files is processed directly by the agent.
Audit Metadata