authoring-architecture-docs
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection (Category 8) as it processes external, untrusted data to produce architectural documentation.
- Ingestion points: The skill ingests 'Project description, README, or source code' as described in
SKILL.md(Step 2 and Inputs section). - Boundary markers: There are no explicit instructions or delimiters provided to the agent to distinguish between the skill's instructions and the untrusted content being documented.
- Capability inventory: The skill has the capability to write multiple files to the filesystem (
docs/architecture/ARCHITECTURE.mdand several.mermaidfiles) as described inSKILL.md(Step 6). - Sanitization: No sanitization or validation of the input content is mentioned before it is processed and interpolated into the documentation templates.
Audit Metadata