create-adr

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION] (SAFE): The skill utilizes standard git commands (git diff, git log) and file system navigation to understand project context. These operations are appropriate for the skill's intended purpose in a development environment.
  • [PROMPT_INJECTION] (LOW): Vulnerable to indirect prompt injection (Category 8). A malicious actor could insert instructions into commit messages or code comments. If the agent processes this data during ADR generation, it might follow these instructions to distort the documentation or perform unauthorized file operations.
      • Ingestion points: git log, git diff, source files, and configuration files referenced in SKILL.md.
      • Boundary markers: Absent; the skill does not provide delimiters or instructions to the agent to disregard embedded instructions within analyzed data.
      • Capability inventory: Local file system write access to the docs/adr/ directory.
      • Sanitization: Absent; the skill lacks validation or escaping for the data it interpolates into the ADR template.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 06:31 PM