dj-architecture

Pass

Audited by Gen Agent Trust Hub on Apr 15, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection by reading project files that may contain untrusted data.
      • Ingestion points: The agent reads files such as src/project/settings.py, src/project/ids.py, src/project/api/__init__.py, and ARCHITECTURE.md.
      • Boundary markers: There are no markers or instructions provided to the agent to distinguish between its own instructions and data from the ingested files.
      • Capability inventory: The skill allows the agent to execute shell commands via Bash and modify the codebase using Write and Edit.
      • Sanitization: No validation or sanitization is performed on the data ingested from the project's files.
  • [COMMAND_EXECUTION]: The skill instructs the agent to run various development-related shell commands, such as makemigrations, migrate, ruff, and pytest.
  • [EXTERNAL_DOWNLOADS]: The skill provides instructions for the agent to install new software packages via the uv add command.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 15, 2026, 01:59 PM