aiox-architect
Pass
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local script using the command
node .aiox-core/development/scripts/generate-greeting.js architect. This is used to dynamically generate a greeting upon activation and is standard behavior for the author's framework.\n- [PROMPT_INJECTION]: The skill defines an indirect prompt injection surface by loading its core instructions from local files.\n - Ingestion points:
.aiox-core/development/agents/architect.mdand.aiox-core/constitution.mdare loaded as the source of truth for the agent's behavior.\n - Boundary markers: No specific delimiters or safety warnings for the loaded content are present in the skill definition.\n
- Capability inventory: The skill possesses the capability to execute Node.js scripts and process system architecture commands.\n
- Sanitization: No validation or sanitization of the loaded markdown files is performed before they are incorporated into the agent's context.
Audit Metadata