adr
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWNO_CODE
Full Analysis
- [SAFE] (SAFE): No malicious patterns, prompt injection attempts, or unauthorized data access commands were found in the skill files.- [NO_CODE] (INFO): The skill contains no executable logic (Python, Node.js, or shell scripts). It functions by providing the agent with natural language instructions and a markdown template for documentation management.- [Indirect Prompt Injection] (LOW): A potential attack surface exists because the skill reads content from project files which could contain malicious instructions.- Ingestion points: Reading ADR files from local directories (e.g.,
doc/adr/) via theviewandsearchactions.- Boundary markers: Absent; the skill does not define specific delimiters for separating file content from system instructions.- Capability inventory: Local file-system read and write access.- Sanitization: Absent; there is no explicit instruction to sanitize or ignore instructions found within processed files.
Audit Metadata