architect
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
PROMPT_INJECTION
COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes multiple external files from docs/reverse-engineering/ to generate its output. Since these files are treated as trusted context without explicit sanitization or boundary markers (delimiters), they represent a surface for indirect prompt injection. Malicious instructions embedded in these documentation files could potentially influence the agent's behavior during the architecture generation phase.
- [COMMAND_EXECUTION]: The skill requests and is granted access to the Bash tool. While the current instructions do not contain malicious shell commands, the availability of this tool combined with the processing of untrusted external documentation (as noted in the prompt injection finding) increases the potential impact if the agent is manipulated into executing arbitrary commands.
Audit Metadata