cursor-reference-architecture
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill implements an architecture that relies on the agent reading and obeying rules from local files (e.g., .cursor/rules/*.mdc). This establishes an indirect prompt injection surface where instructions found in the codebase can influence or override agent behavior.
- Ingestion points: The agent is instructed to read configuration and rule files from the local project directory (SKILL.md, configuration-file-architecture.md).
- Boundary markers: While the skill provides high-quality example security rules (security.mdc), it does not define strict programmatic boundaries to isolate the instructions found in these rules from the agent's core safety directives.
- Capability inventory: The skill has access to sensitive tools including Read, Write, Edit, and Bash(cmd:*), which increases the potential impact if a project-level rule is manipulated.
- Sanitization: There is no evidence of sanitization or validation performed on the rule content before the agent adopts it as part of its operational context.
Audit Metadata