bmad-agent-architect

Pass

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: SAFE [COMMAND_EXECUTION] [PROMPT_INJECTION]
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local Python script during its activation phase using the command uv run {project-root}/_bmad/scripts/resolve_customization.py. This is used to bootstrap the agent's configuration from the vendor's internal project structure and is a standard operational procedure within this framework.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface by design, as it ingests untrusted data from the project environment.
      • Ingestion points: {project-root}/**/project-context.md and {project-root}/_bmad/bmm/config.yaml in SKILL.md.
      • Boundary markers: The skill does not implement explicit delimiters or warnings to ignore instructions embedded within the loaded project files.
      • Capability inventory: The agent has the ability to execute shell commands (via uv run) and invoke other skills (bmad-create-architecture, bmad-check-implementation-readiness).
      • Sanitization: No sanitization or validation of the ingested file content is performed prior to inclusion in the agent context. This surface is considered a standard feature for technical design agents requiring project context.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 21, 2026, 03:02 AM