systems-architecture
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill analyzes external repository content and documentation, which constitutes an indirect prompt injection surface. Maliciously crafted files within a repository could attempt to subvert the agent's instructions while it is performing its architectural analysis.
- Ingestion points: Processes repository files and lifecycle documentation using tools like
read/readFileandsearch(SKILL.md). - Boundary markers: Absent. The instructions do not provide delimiters or specific directives to ignore embedded instructions found within analyzed files.
- Capability inventory: The agent has access to powerful tools including
vscode/runCommand,edit/editFiles,edit/createFile, andedit/createDirectory(SKILL.md frontmatter). - Sanitization: Absent. No sanitization or validation logic is defined for the content extracted from the files being analyzed.
Audit Metadata