architect
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill demonstrates a surface for indirect prompt injection as it processes external Product Requirements Documents (PRDs) and user specifications to generate machine-verifiable build plans. While this is a functional requirement for the skill's operation, it creates a potential channel for instructions to be passed from external files to the planning output.
- Ingestion points: Processes user-provided descriptions and reads external PRD files (SKILL.md).
- Boundary markers: The skill does not explicitly define boundary markers or delimiters to separate untrusted PRD content from the agent's internal instruction set.
- Capability inventory: The skill reads local project files (e.g., package.json, tsconfig) and writes planning documents to the .planning/ directory.
- Sanitization: No explicit sanitization or validation of the input text from PRDs is defined in the instructions.
- [SAFE]: No obfuscation, hardcoded credentials, or unauthorized network operations were identified. The skill's operations are confined to architectural analysis and document generation within the local project environment.
Audit Metadata