accelint-architecture-doc

Pass

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill performs automated discovery by scanning the codebase for architectural signals. This includes checking for the presence of infrastructure-related directories and files such as .aws/, gcp/, azure/, and .env.example. This data is used solely to populate the documentation with inferred values (e.g., identifying the cloud provider).
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes content from various files within the repository (e.g., README.md, package.json, and other configuration files) to generate documentation. Ingestion points: Phase 1 subagents (Agents A-E) reading files across the repository. Boundary markers: No explicit delimiters are used during ingestion. Capability inventory: Updating ARCHITECTURE.md and AGENTS.md in Phase 3. Sanitization: Stripping inference source comments from final output. The risk is mitigated by a mandatory human-in-the-loop preview and confirmation step before any modifications.
  • [COMMAND_EXECUTION]: During the discovery phase, the skill spawns multiple subagents to scan the project filesystem for project identity, tech stack, and infrastructure details.
  • [SAFE]: The skill implements safety-oriented design patterns such as preserving human-authored content, marking inference sources, and requiring user approval for all changes.
Audit Metadata
Risk Level
SAFE
Analyzed
May 18, 2026, 12:31 AM
Security Audit — agent-trust-hub — accelint-architecture-doc