Skills
skills/mathews-tom/armory/architecture-reviewer/Gen Agent Trust Hub

architecture-reviewer

Pass

Audited by Gen Agent Trust Hub on Apr 12, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a vendor-provided bash script, scripts/scan_codebase.sh, which performs file system discovery and content inspection using tools like find, grep, and cat to locate architectural patterns and hardcoded secrets.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) due to the ingestion of external code and documents.
  • Ingestion points: User-provided codebase files and design documents used during the analysis phases.
  • Boundary markers: None; the instructions do not implement delimiters or ignore-behavior for content within the ingested files.
  • Capability inventory: The skill has the ability to execute local scripts and read any file within the provided codebase path.
  • Sanitization: None; no validation or escaping mechanisms are applied to the analyzed content to prevent embedded instructions from influencing the agent's behavior.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 12, 2026, 06:25 AM