improve-codebase-architecture

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it ingests and processes codebase files that could contain malicious instructions.
      • Ingestion points: Codebase navigation and exploration via the Agent tool (SKILL.md).
      • Boundary markers: No delimiters or isolation instructions are provided when reading codebase content.
      • Capability inventory: The skill can create GitHub issues using 'gh' and spawn sub-agents (SKILL.md).
      • Sanitization: No validation or sanitization of codebase data is performed.
  • [COMMAND_EXECUTION]: The skill executes shell commands to interact with GitHub for issue creation.
      • Evidence: Step 7 instructions use 'gh issue create' (SKILL.md).
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 29, 2026, 03:05 PM