write-adr
Pass
Audited by Gen Agent Trust Hub on Jun 19, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses local shell commands such as git, gh, fd, and rg to identify ADR conventions and manage files. These operations are scoped to the project repository and align with the stated functionality of automating architecture documentation.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by reading existing ADR files to determine naming and formatting conventions. Ingestion points: Phase 0 instructions to read existing markdown files. Boundary markers: Absent. Capability inventory: Write, Edit, and Bash tools for git and GitHub. Sanitization: Absent. While this presents an attack surface where malicious instructions in a repository file could influence the agent, the risk is minimal given the specialized context of extracting structural metadata.
Audit Metadata