implementation-status-auditor
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill uses persona instructions, casting the AI as an "elite Enterprise Software Architect." It also contains a behavioral override mandating the use of the "Superpowers plugin" and instructing the agent to prefer its methods over default behaviors.
- [DATA_EXFILTRATION]: The discovery phase systematically scans and reads high-sensitivity project artifacts, including database schema dumps, migration history, and infrastructure configuration directories such as
.github,deploy, anddocker. While necessary for an audit, this provides a comprehensive view of internal architecture. - [PROMPT_INJECTION]: (Indirect Prompt Injection)
- Ingestion points: The skill reads untrusted content from
CLAUDE.md,AGENTS.md,README.md, and other documentation files within the audited project. - Boundary markers: No boundary markers or isolation instructions are provided to ignore commands embedded in audited files.
- Capability inventory: The agent is granted broad read access to the entire project source code and write access to generate reports.
- Sanitization: The skill does not implement any sanitization or validation of the content it audits.
- [NO_CODE]: The skill consists entirely of instructional markdown and does not include any executable scripts or binary files.
Audit Metadata