persona-architect
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: Comprehensive analysis of the skill's instructions, pre-built archetypes, and absolute rules revealed no malicious intent, obfuscation, or safety bypass patterns.\n- [COMMAND_EXECUTION]: The skill uses file tools including Read, Write, Edit, Glob, and Grep to interact with the file system for creating and maintaining persona configuration snippets. These operations are limited to the local environment and are aligned with the skill's primary function.\n- [PROMPT_INJECTION]: The design process ingests user-provided inputs to generate behavioral instructions, creating a surface for indirect prompt injection.\n
- Ingestion points: User requirements gathered during the requirements phase in
SKILL.md.\n - Boundary markers: Generated persona definitions are structured using Markdown headers and YAML snippets to separate metadata from instructions.\n
- Capability inventory: Includes file system write and edit capabilities (Read, Write, Edit, Glob, Grep) for persona persistence.\n
- Sanitization: No explicit instructional sanitization is defined, relying on the underlying model's safety guardrails to process the user-provided inspiration safely.
Audit Metadata