system-design
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were detected. The skill follows best practices for interactive system design and document generation.
- [COMMAND_EXECUTION]: The skill includes a shell command to update
.git/info/exclude. This is a benign maintenance task designed to prevent generated artifacts from being committed to version control. The command is hardcoded and does not incorporate untrusted user input, precluding command injection. - [PROMPT_INJECTION]: The skill contains a surface for indirect prompt injection because it ingests user-provided problem descriptions and requirements which are then written into a system brief artifact. However, this is the core intended functionality of the skill and does not trigger any high-risk secondary actions.
- Ingestion points: User input is gathered through the interactive discovery and requirements phases (referenced in
references/discovery.mdandreferences/requirements.md). - Boundary markers: Absent; user content is placed directly into the markdown template within
references/output.md. - Capability inventory: The skill has the capability to write files to the
.artifacts/docs/directory and execute specific, hardcoded shell commands for project maintenance. - Sanitization: No explicit sanitization or filtering of user-provided architectural text is performed, which is standard for a documentation-focused tool.
Audit Metadata