domain-identification-grouping
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized data access mechanisms were identified. The skill is purely analytical and focuses on generating architectural documentation and refactoring plans.
- [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface as it processes external codebase metadata and component descriptions.
- Ingestion points: Component names, responsibilities, and business capability descriptions are analyzed from the user's codebase (SKILL.md).
- Boundary markers: No specific delimiters or "ignore instructions" directives are included for the processed data.
- Capability inventory: The skill produces markdown reports and documentation; it does not include instructions for code execution, network access, or system modifications.
- Sanitization: No filtering or sanitization of the analyzed codebase content is specified. This is typical for analysis-focused tools and represents a low risk.
- [DATA_EXFILTRATION]: No network operations or sensitive file access patterns were found. The skill operates within the provided project context.
- [REMOTE_CODE_EXECUTION]: The skill does not download or execute external dependencies or remote scripts.
Audit Metadata