adr-writing
Pass
Audited by Gen Agent Trust Hub on May 6, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes a local Python script scripts/next_adr_number.py to calculate the next available ADR sequence number. The script is bundled with the skill, uses only standard libraries (pathlib, re, argparse), and restricts its operations to file system metadata within the project directory.
- [PROMPT_INJECTION]: The skill involves processing data from external sources such as pull requests, issues, and design documents to populate ADR sections. This represents a surface for indirect prompt injection where instructions in the source data could potentially influence agent behavior.
  - Ingestion points: Pull request discussions, issues, and design documents (SKILL.md Step 2).
  - Boundary markers: None present.
  - Capability inventory: File system write access and execution of a local Python script.
  - Sanitization: None present.
Audit Metadata