architecture-analyzer
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists entirely of markdown-based instructions and technical references. No executable scripts (.py, .js, .sh), shell commands, or obfuscated content were detected.
- [PROMPT_INJECTION]: The skill's primary function involves analyzing untrusted external codebases, which creates an attack surface for indirect prompt injection. 1. Ingestion points: The workflow directs the agent to read repository files such as README, package.json, and source code files. 2. Boundary markers: There are no explicit instructions for the agent to use delimiters or ignore embedded instructions within the analyzed code. 3. Capability inventory: The agent is tasked with reading files and summarizing their content into architectural observations. 4. Sanitization: No sanitization of input data is specified. This is an inherent risk of code analysis and is considered a low-severity characteristic relative to the skill's purpose.
Audit Metadata