claude-code-architecture-patterns

Warn

Audited by Gen Agent Trust Hub on May 17, 2026

Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The installation instructions guide the user to clone a repository from an unverified third-party GitHub account (alejandrobalderas/claude-code-from-source.git).
  • [COMMAND_EXECUTION]: The skill provides commands to install dependencies (npm install) and run a development server (npm run dev) using the code from the external repository, facilitating the execution of unverified code.
  • [INDIRECT_PROMPT_INJECTION]: The documented patterns describe an agent architecture that ingests external data (tool results) and interpolates it into the conversation history, which creates a surface for indirect prompt injection.
  • Ingestion points: The agentLoop and agentLoopWithSpeculation functions within SKILL.md ingest tool results and external queries.
  • Boundary markers: The provided code examples do not include delimiters or boundary markers for external content.
  • Capability inventory: The skill describes capabilities for arbitrary tool execution (executeTool) and file system write operations (MemorySystem.store).
  • Sanitization: No sanitization or validation of tool outputs is demonstrated before they are added to the agent context.
Audit Metadata
Risk Level: MEDIUM
Analyzed: May 17, 2026, 08:20 AM
Security Audit — agent-trust-hub — claude-code-architecture-patterns