adr-management
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection vulnerability surface because it processes content within ADR files that could potentially contain malicious instructions.\n
- Ingestion points:
scripts/adr_manager.pyreads the contents of existing markdown files from theADRs/directory during search and retrieval operations.\n - Boundary markers: The skill does not utilize specific delimiters or instructions to treat embedded content in ADR files as non-executable data, potentially allowing embedded instructions to be interpreted by the agent.\n
- Capability inventory: The skill possesses file-writing capabilities via
scripts/adr_manager.py, which are used to scaffold and update ADR markdown files.\n - Sanitization: User-provided input is directly interpolated into ADR templates without sanitization to prevent the injection of instructions or markdown-based control characters.
Audit Metadata