skills/seqis/openclaw-skills-converted-from-claude-code/agent-architecture-designer/Gen Agent Trust Hub
agent-architecture-designer
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTIONNO_CODE
Full Analysis
- [COMMAND_EXECUTION]: The skill instructions direct the agent to utilize the Bash tool for validation tasks, including testing APIs with curl, building containers, and executing database performance analysis (EXPLAIN ANALYZE).
- [EXTERNAL_DOWNLOADS]: The agent specification includes WebFetch and WebSearch tools, enabling the retrieval of content from external domains during the research phase.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes architectural requirements from an upstream agent (feature-analyst) while possessing high-privilege capabilities. * Ingestion points: Requirements and design specifications provided by the feature-analyst component in SKILL.md. * Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present. * Capability inventory: The agent has access to Bash, Read, Write, Edit, WebFetch, WebSearch, and Grep. * Sanitization: No evidence of input validation or sanitization for the data processed from the upstream source.
Audit Metadata