system-design-doc
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE DATA_EXFILTRATION PROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill instructs the agent to analyze potentially sensitive configuration files, such as `appsettings.json`, `Web.config`, and `DbContext.cs`, to extract technology stacks and database schemas. This process poses a risk of data exposure if the agent inadvertently includes hardcoded credentials or sensitive connection strings in the generated documentation.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because its primary function is to ingest and process content from untrusted external codebases. Malicious instructions could be embedded in code comments or file content to hijack the agent's logic during the reverse-engineering process.
  - Ingestion points: Various source code and configuration files identified in `references/codebase-analysis.md` (e.g., `Models/`, `Controllers/`, `appsettings.json`).
  - Boundary markers: The skill does not define specific delimiters or instructions to treat codebase content strictly as passive data.
  - Capability inventory: File system access via reading and searching tools (`find`, `grep`, `view`) and writing documentation files to the `.design-docs/` directory as specified in `SKILL.md` and `references/codebase-analysis.md`.
  - Sanitization: No explicit content sanitization or validation of the ingested codebase data is described.
Audit Metadata