architecture-reviewer
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local shell script (scripts/scan_codebase.sh) to gather architectural metrics and metadata from a provided codebase. This script performs file system discovery and content pattern matching using standard command-line tools.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it is designed to ingest and analyze untrusted external content, including source code and design specifications.
  - Ingestion points: External data is ingested via codebase scanning and document reading phases.
  - Boundary markers: The skill does not employ specific delimiters to isolate analyzed content from instructions.
  - Capability inventory: The skill maintains the capability to execute local scripts and generate structured reports.
  - Sanitization: No automated sanitization or instruction filtering is applied to the ingested files.
Audit Metadata