backend-architect
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface because it processes untrusted user data while having access to sensitive system tools.
  - Ingestion points: The agent processes user requests for API design, database implementation, and security features as shown in the examples in references/agents/backend-architect.md.
  - Boundary markers: There are no explicit delimiters or instructions within the prompt to separate user-provided content from the agent's core instructions.
  - Capability inventory: The agent is configured with Bash, Write, Read, MultiEdit, and Grep tools in references/agents/backend-architect.md, allowing for broad system interaction.
  - Sanitization: The instructions recommend implementing input validation within the code the agent writes, but they do not define sanitization or validation protocols for the instructions the agent receives from the user.
Audit Metadata