architecture
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted input from external files, which creates a surface for indirect prompt injection.\n
- Ingestion points: The skill reads
prd.md,context-map.md, andbrainstorming.mdas specified inSKILL.md.\n - Boundary markers: There are no explicit delimiters or instructions to ignore embedded commands within the input files.\n
- Capability inventory: The skill's actions are restricted to reading files and writing a markdown documentation file (
architecture.md). It contains a<HARD-GATE>that explicitly forbids writing code or modifying the codebase.\n - Sanitization: No sanitization or validation of the input file content is performed.
Audit Metadata