software-architect

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill is composed strictly of markdown files providing instructions to the AI. No executable scripts or binary files are included.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it ingests untrusted data from 'docs/specs/software-spec.md'. Boundary markers and sanitization are absent. However, the capability inventory is restricted to file-writing of markdown documentation, which is the primary purpose of the skill. This is considered safe.
  • [SAFE]: No hardcoded credentials, sensitive file paths, or unauthorized network communication patterns were detected.
  • [SAFE]: The skill does not employ any obfuscation, persistence mechanisms, or privilege escalation techniques.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 5, 2026, 09:03 AM