ln-642-layer-boundary-auditor
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFE (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill is configured to retrieve architectural reference files and detection methodologies from the author's official GitHub repository to populate its internal rule sets.
- [COMMAND_EXECUTION]: Employs shell-based tools including Grep and Glob via the Bash tool to scan the local codebase for architectural violations such as transaction boundary mismatches.
- [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface because it parses untrusted content from the local environment to construct analysis rules.
  - Ingestion points: Reads 'docs/architecture.md' for architecture discovery and various source code files for violation detection.
  - Boundary markers: No explicit delimiters or instructions are provided to the agent to ignore embedded commands within the audited text.
  - Capability inventory: Has file system read/write access and executes shell commands for pattern matching.
  - Sanitization: Lacks explicit validation or escaping of the architectural definitions parsed from external documentation.
Audit Metadata