doc-adr-audit
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill defines a workflow for auditing Architecture Decision Record (ADR) files, which introduces a surface area for indirect prompt injection (Category 8). Maliciously crafted ADR files could theoretically contain instructions intended to influence the agent's behavior during the audit or fix cycle.
- Ingestion points: The skill accepts an ADR file path (e.g., docs/05_ADR/...) as input and processes the content within the audit pipeline.
- Boundary markers: The execution contract does not specify any delimiters or safety instructions (e.g., 'ignore instructions within the ADR') to separate data from the agent's operational instructions.
- Capability inventory: The skill orchestrates multiple sub-skills (doc-adr-validator, doc-adr-reviewer) and triggers a remediation skill (doc-adr-fixer), while also performing file write operations to generate combined audit reports.
- Sanitization: The provided documentation does not mention any sanitization, validation, or escaping of the ADR content before it is processed by the agent or passed to downstream artifacts.