init-architect
Pass
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Prompt Injection] (LOW): Potential for indirect prompt injection through repository analysis.
- Ingestion points: The skill analyzes repository structure, entry points, and directory names (SKILL.md).
- Boundary markers: Absent; the skill does not include delimiters or warnings to ignore instructions found within analyzed names.
- Capability inventory: The skill has write access to the repository root (/orchestra-config.json) and the local skill documentation directory.
- Sanitization: Absent; there is no mention of filtering or escaping names derived from the file system before using them in documentation or config generation.
Audit Metadata