reduce
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: No attempts to override system instructions or bypass safety filters were detected. The skill follows a structured workflow for architectural analysis.
- [DATA_EXFILTRATION]: The skill does not contain any network-reaching commands (curl, wget, fetch) or hardcoded credentials. It focuses on local repository analysis of configuration files like package.json and Makefiles.
- [REMOTE_CODE_EXECUTION]: There are no patterns for downloading or executing remote scripts. The skill explicitly states it is for analysis and recommendations only, and hands off implementation tasks to other skills.
- [COMMAND_EXECUTION]: No dangerous system commands or privilege escalation attempts (sudo, chmod) are present. It suggests commands for the user to run as part of a migration plan but does not execute them.
- [OBFUSCATION]: The content is clear and uses standard Markdown/YAML without any hidden encoding, zero-width characters, or homoglyphs.
- [INDIRECT_PROMPT_INJECTION]: While the skill ingests untrusted repository data (e.g., CI configs, Dockerfiles), it is a reporting tool with no direct execution capabilities, posing no significant risk of indirect injection.
Audit Metadata