senior-architect
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): The SKILL.md file references npm and pip installations without providing the necessary manifest files (package.json, requirements.txt), making the resulting dependencies unverifiable.
- [Indirect Prompt Injection] (LOW): The scripts ingest user-provided directory paths. Evidence Chain: 1. Ingestion: target_path parameter in all Python scripts. 2. Boundary Markers: Absent. 3. Capability: Read (existence check) and documented 'automated fixes' (write). 4. Sanitization: Absent.
Audit Metadata