The Agent Skills Directory

COMMAND_EXECUTION (MEDIUM): The archi_run_script tool enables execution of arbitrary JArchi scripts. This provides a high-privilege interface to the Archi modeling environment that could be exploited to perform unauthorized model modifications or environment introspection if the agent processes malicious input.
PROMPT_INJECTION (MEDIUM): The Continuous Improvement section instructs the agent to update the relevant reference file immediately based on runtime learning. This creates a self-modification loop that could be exploited for persistent prompt injection, where an attacker tricks the agent into encoding malicious rules into its own documentation.
PROMPT_INJECTION (LOW): The skill is susceptible to indirect prompt injection. (1) Ingestion points: Architecture model data (names, descriptions) retrieved via search and query tools in reference/01-task-routing.md. (2) Boundary markers: None present. (3) Capability inventory: Significant mutation capabilities via archi_apply_model_changes and script execution via archi_run_script. (4) Sanitization: No explicit validation or escaping of model content is performed before use in logic or subsequent tool calls.

archi-mcp-modeling