forge-architect
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes the
forge-memoryutility with various sub-commands (search, log, consolidate, and sync) to manage project state and architectural history. These are local CLI operations integrated into the agent's workflow. - [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface through its processing of project data. 1. Ingestion points: The agent reads the
docs/prd.mdfile and the project codebase to gather requirements. 2. Boundary markers: There are no specific delimiters or instructions defined to prevent the agent from following malicious instructions potentially embedded in the PRD or codebase. 3. Capability inventory: The agent has the authority to write files to the documentation directory and execute theforge-memorycommand-line tool. 4. Sanitization: The skill does not implement sanitization or filtering of the content read from external project files before it is processed.
Audit Metadata