senior-architect
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local Python scripts (
architecture_diagram_generator.py,project_architect.py, anddependency_analyzer.py) to perform its core functions. These operations are intended for local project analysis and are consistent with the skill's primary purpose. - [EXTERNAL_DOWNLOADS]: The skill documentation references standard package managers such as npm and pip for installing dependencies from well-known public registries. No suspicious remote code execution or untrusted script downloads (e.g., curl|bash) were found.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it is designed to analyze external, untrusted project source code and configuration files.
- Ingestion points: Target project paths and source code directories provided by the user for analysis.
- Boundary markers: Absent; the instructions do not specify delimiters or warnings to ignore instructions found within analyzed project data.
- Capability inventory: File system access and local script execution used for auditing dependencies and generating system diagrams.
- Sanitization: No explicit validation, escaping, or filtering of the content within the analyzed files is documented.
Audit Metadata