using-system-architect
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection surface exists through documentation processing.
- Ingestion points: The skill is designed to ingest and assess outputs from the system-archaeologist tool, including subsystem catalogs, C4 diagrams, and architecture reports (referenced in SKILL.md).
- Boundary markers: There are no explicit instructions or delimiters provided to the agent to treat external documentation as untrusted or to ignore embedded instructions within those documents.
- Capability inventory: The analyzed scripts primarily involve generating markdown documentation and do not include subprocess execution, network operations, or file-writing capabilities that could be leveraged by an attacker.
- Sanitization: No evidence of input validation or sanitization of the architectural data was found.
- [SAFE]: No hardcoded credentials, API keys, or private secrets were found in the provided files.
- [SAFE]: No remote code execution patterns, external script downloads, or unauthorized network activity were identified.
- [SAFE]: No obfuscation, multi-layer encoding, or hidden Unicode character patterns were detected in the prompt text or metadata.
Audit Metadata