claude-md-architect
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- SAFE (SAFE): The skill is strictly instructional and does not include any executable code, scripts, or network requests.
- Indirect Prompt Injection (LOW): The skill analyzes external codebase data (ingestion points: package.json, README.md, source code). Boundary markers (headers, XML tags) are suggested for organization. Capability inventory: The skill only generates documentation and lacks subprocess calls, network access, or file-write capabilities in its logic. Sanitization: No explicit sanitization of input data is defined, but the risk is minimal given the lack of dangerous capabilities.
Audit Metadata