architect-agent
Pass
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- Indirect Prompt Injection (LOW): The skill ingests untrusted data from issue tracker fields (summary, description, comments) and uses this information to create subtasks and update issue statuses. This represents an attack surface where malicious input in a ticket could influence agent actions. Ingestion points: Issue tracker context (summary, description, comments) referenced in SKILL.md. Boundary markers: Absent in the procedure instructions. Capability inventory: Creation of tracker subtasks, issue status updates, and parent issue comments. Sanitization: No sanitization or escaping logic is described for handling the ingested external content.
- No Code Detected (SAFE): The skill consists entirely of markdown configuration and documentation (SKILL.md, ARCHITECTURE.md, and docs/architecture.md) without any executable script files such as Python, JavaScript, or shell scripts, which significantly reduces the direct execution risk profile.
Audit Metadata