Skills
skills/front-depiction/claude-setup/architecture-analysis/Gen Agent Trust Hub

architecture-analysis

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes a local executable file at ./.claude/bin/architecture to process architectural data and generate dependency reports.
  • [COMMAND_EXECUTION]: The format command includes a file-writing capability using the --output parameter, allowing the tool to save Mermaid diagrams to the local filesystem.
  • [PROMPT_INJECTION]: The tool possesses an attack surface for indirect prompt injection as it parses external data. 1. Ingestion points: Reads and parses TypeScript source files from local directories (e.g., ./src). 2. Boundary markers: No specific delimiters or instructions to ignore embedded content are defined in the skill wrapper. 3. Capability inventory: Executes local commands via a binary and possesses file-writing capabilities via the --output flag. 4. Sanitization: No explicit sanitization or validation of the input source code content is performed by the skill wrapper.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 1, 2026, 06:32 PM