architect-reviewer
Pass
Audited by Gen Agent Trust Hub on Apr 12, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or credential exposures were identified in the skill instructions or metadata.
- [NO_CODE]: The skill consists entirely of markdown instructions and static JSON assets. No scripts, binaries, or external package dependencies (Python or Node.js) are included.
- [PROMPT_INJECTION]: The skill is designed to ingest and analyze external architectural documents, creating a surface for indirect prompt injection. 1. Ingestion points: Review of architectural diagrams and design documents (SKILL.md). 2. Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present. 3. Capability inventory: No tools are permitted (allowed-tools is explicitly empty), which prevents the agent from taking any actions beyond text generation. 4. Sanitization: No input validation or filtering of the reviewed materials is performed.
Audit Metadata