Skills
skills/laurigates/claude-plugins/blueprint-adr-list/Gen Agent Trust Hub

blueprint-adr-list

Pass

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Uses Bash to run ls, fd, awk, and grep for file discovery and text parsing within the docs/adrs/ directory. These are standard operations for generating documentation indices.
  • [PROMPT_INJECTION]: Analyzes local ADR files to extract titles and statuses, which creates a surface for indirect prompt injection if the project files contain malicious instructions.
  • Ingestion points: Documentation files in docs/adrs/*.md are ingested in SKILL.md.
  • Boundary markers: Absent; the skill does not explicitly instruct the agent to ignore instructions embedded in the ADR files.
  • Capability inventory: Includes Bash commands for file system access and text processing as defined in SKILL.md.
  • Sanitization: Not present; the skill extracts and displays content as-is from the source files.
  • [SAFE]: No remote downloads, network exfiltration, or hardcoded credentials were found. The skill operates exclusively on local project documentation.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 21, 2026, 01:17 AM