improve-codebase-architecture

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFE (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data from a codebase using tools like bash, grep, and find. It lacks explicit boundary markers or sanitization logic, creating a surface where malicious code in the project files could influence agent behavior or the content of generated reports.
  • Ingestion points: Project files and documentation read via read, grep, find, and bash in SKILL.md.
  • Boundary markers: None present in the instructions.
  • Capability inventory: bash command execution, file system writes to temp directories, and opening files via xdg-open/open/start.
  • Sanitization: None specified for the interpolation of code content into the HTML report.
  • [DYNAMIC_EXECUTION]: The architectural report template in HTML-REPORT.md configures the Mermaid.js library with securityLevel: "loose". This setting disables important security sandboxing, which could allow malicious content harvested from the codebase to execute scripts in the user's browser when the report is opened.
  • [EXTERNAL_DOWNLOADS]: The generated HTML reports fetch dependencies from well-known services, specifically Tailwind CSS from cdn.tailwindcss.com and Mermaid.js from the JSDelivr CDN (jsdelivr.net). These are used for styling and diagram rendering.
  • [COMMAND_EXECUTION]: The skill uses the bash tool to explore project directories and utilizes OS-level commands (xdg-open, open, or start) to automatically launch the generated report for the user.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 13, 2026, 07:56 AM
Security Audit — agent-trust-hub — improve-codebase-architecture