security-architect
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is entirely focused on defensive security operations and contains no malicious code, obfuscated commands, or patterns associated with data exfiltration or credential theft.
- [COMMAND_EXECUTION]: The dispatcher script (`scripts/main.cjs`) implements secure subprocess management by invoking external tools with `spawnSync` and `shell: false`, so arguments reach the tool as an argv array that no shell parses; this prevents shell command injection.
- [PROMPT_INJECTION]: The skill is designed to process external, untrusted code and documentation for analysis, which constitutes a surface for indirect prompt injection. This is addressed within the skill's own knowledge base and instructions.
  - Ingestion points: The skill ingests data from local files and directory paths specified by the user or discovered via standard search tools (`Read`, `Glob`, `Grep`).
  - Boundary markers: The knowledge base (`knowledge/owasp-agentic-ai-top-10.md`) explicitly recommends delineating untrusted external content with delimiters and warning instructions to prevent it from hijacking agent behavior.
  - Capability inventory: The skill has access to file manipulation (`Write`, `Edit`) and shell execution (`Bash`) to facilitate security fixes, alongside executing standard security scanners via the dispatcher script.
  - Sanitization: The skill's internal automation scripts pass command-line arguments to child processes without a shell, so shell metacharacters in those arguments are never interpreted and cannot be exploited.
Audit Metadata