architecting-solutions

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE
Finding categories: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by design. It instructs the agent to recursively search and analyze the existing codebase to identify patterns and constraints.
      • Ingestion points: SKILL.md (Step 3: Analyze Existing Codebase) directs the agent to use grep and find on project files.
      • Boundary markers: Absent. There are no instructions to treat file content as data only or to ignore embedded instructions within code comments.
      • Capability inventory: The skill is granted Write, Edit, Bash, WebSearch, and Read capabilities, which could be exploited if the agent follows malicious instructions found in the codebase.
      • Sanitization: Absent. The agent processes discovered code directly to inform its architecture designs.
  • [COMMAND_EXECUTION]: The skill explicitly uses the Bash tool for project exploration.
      • Evidence includes template commands for grep -r, find, and ls -la targeting the packages/ directory to trace data flows and state management patterns.
  • [DATA_EXPOSURE]: The skill defines background hooks in its metadata that may log session data or transmit architecture patterns for learning purposes.
      • after_complete hooks include self-improving-agent and session-logger. While these appear intended for internal performance monitoring, they represent points where technical design details are processed outside of the immediate user interaction.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 5, 2026, 02:59 PM