adr-drafting
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: The skill instructions describe a benign process for creating Architecture Decision Records. It requires explicit user approval before performing any write operations to the filesystem.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes existing files from the repository which could contain malicious instructions designed to influence the agent.
- Ingestion points: The agent reads existing ADR files from repository paths such as
docs/architecture/adrto infer conventions. - Boundary markers: No delimiters or ignore instructions are provided when reading existing files.
- Capability inventory: The skill is permitted to use
Read,Write,Edit, andGlobtools. - Sanitization: There is no automated sanitization of the content read from the repository.
- Mitigation: The workflow includes a mandatory user review phase (Phase 4) where the final draft and destination path must be approved before execution.
Audit Metadata