codebase-design
Pass
Audited by Gen Agent Trust Hub on Jun 24, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized data access were detected within the skill instructions.
- [NO_CODE]: The skill consists exclusively of markdown instructions and does not include any scripts, executables, or package dependencies, reducing the risk of runtime code execution attacks.
- [PROMPT_INJECTION]: The skill identifies a surface for indirect prompt injection by reading external markdown files and local project code.
- Ingestion points: The skill reads
PRINCIPLES.md,VOCABULARY.md,MODULES.md,TYPESCRIPT.md,CLOUDFLARE.md, andEFFECT.mdfrom the../coding-standards/directory, as well as existing project files during the local convention audit. - Boundary markers: Absent. The skill does not implement delimiters or specific instructions to ignore embedded prompts within the loaded standards files.
- Capability inventory: The skill relies on file system read and write capabilities to perform audits and implement code changes.
- Sanitization: None. The content from external coding standard files is accepted as authoritative without verification or filtering.
Audit Metadata