system-architect
Pass
Audited by Gen Agent Trust Hub on Feb 14, 2026
Risk Level: LOW
Full Analysis
- [Prompt Injection] (SAFE): No instructions found that attempt to override system behavior, reveal internal prompts, or bypass safety filters.
- [Data Exposure & Exfiltration] (SAFE): Analysis of the source code and templates confirms no hardcoded credentials, sensitive file access (e.g., SSH keys), or network exfiltration patterns.
- [Remote Code Execution] (SAFE): The skill does not download or execute remote scripts. Commands listed in README templates (e.g., npm install) are placeholders for user documentation and are not executed by the agent itself.
- [Indirect Prompt Injection] (INFO): The skill processes user-provided project requirements to generate architectural advice. As it has no capability to write to the file system or execute commands on the host, the impact of maliciously crafted user input is restricted to the generated text output.
- [Obfuscation] (SAFE): All files are in cleartext; no encoded, hidden, or homoglyph-based obfuscation techniques were detected.
Audit Metadata