Skills
skills/galihcitta/dotclaudeskills/generating-adrs/Gen Agent Trust Hub

generating-adrs

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [Command Execution] (SAFE): The skill uses ls in SKILL.md to search for existing ADR directories. This is a legitimate file discovery action for documentation tasks.
  • [Indirect Prompt Injection] (LOW): The skill is designed to ingest and process untrusted requirement documents (PRDs/TRDs).
  • Ingestion points: SKILL.md Phase 0, Step 1 involves reading user-provided documentation files.
  • Boundary markers: Absent; no specific delimiters or safety instructions are used to distinguish document content from system instructions.
  • Capability inventory: SKILL.md includes directory listing (ls) and file creation/writing (Phase 5).
  • Sanitization: Absent; the skill lacks explicit validation or sanitization of the content extracted from requirement documents.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:43 PM