github-repo-architect

Pass

Audited by Gen Agent Trust Hub on Feb 20, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION] (LOW): The skill performs shell and GitHub CLI (gh) operations to clone repositories, create pull requests, and modify workflows in batch. These operations are essential to the primary purpose of repository architecture management but require the agent to have broad permissions within the user's GitHub environment.
  • [PROMPT_INJECTION] (LOW): The skill is subject to indirect prompt injection risks.
      1. Ingestion points: The agent reads and parses external repository data, including package.json files and directory structures.
      2. Boundary markers: None are present to distinguish untrusted repository content from internal instructions.
      3. Capability inventory: The skill has the capability to write files and push changes to remote repositories.
      4. Sanitization: No sanitization of ingested repository data is observed.
  • [EXTERNAL_DOWNLOADS] (LOW): The skill references and includes the 'ruv-swarm' package in generated project templates. While not automatically executed by the skill itself, it introduces an unverifiable third-party dependency into the user's projects.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Feb 20, 2026, 03:59 PM