architecture-strategist
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill is purely instructional and consists of natural language guidelines for the agent to follow during analysis. It does not include any executable shell commands, scripts, or binaries.
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it is designed to read and analyze untrusted external data such as source code and architecture documentation. However, since the skill has no defined capabilities for file writing, network access, or code execution, this surface does not pose a significant security risk. 1. Ingestion points: Architecture documentation, README files, and code changes in SKILL.md. 2. Boundary markers: No specific delimiters are used to separate untrusted data from instructions. 3. Capability inventory: The skill is restricted to analysis and does not list any allowed-tools or execution capabilities. 4. Sanitization: There is no instruction to sanitize or filter the content of ingested files.
Audit Metadata