software-architect
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFE PROMPT_INJECTION DATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted data from external sources, creating a surface for indirect prompt injection.
  - (1) Ingestion points: Architecture pages fetched from Confluence and target solution source code analyzed during Review Mode.
  - (2) Boundary markers: Absent; the instructions do not specify delimiters or "ignore embedded instructions" warnings for processing this content.
  - (3) Capability inventory: Includes the ability to fetch and create Confluence pages via MCP tools (mcp__atlassian__getConfluencePage, mcp__atlassian__createConfluencePage).
  - (4) Sanitization: Absent; the skill does not define validation or sanitization steps for the ingested data.
- [DATA_EXFILTRATION]: The skill documentation reveals environment details such as local directory paths (e.g., /home/khanm/bclearer/ol_bclearer_pdk/libraries/) and a Confluence Cloud ID (c62e56c2-b224-4d4e-a859-afa7de01241e).
- [EXTERNAL_DOWNLOADS]: References the author's official UI library repository on GitHub (github.com/OntoLedgy/ol_ui_library).
Audit Metadata