c4-model

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes npx likec4 validate in Phase 6 to verify the syntax of produced C4 models. This is a legitimate use of development tooling for linting and validation purposes.
  • [EXTERNAL_DOWNLOADS]: The skill utilizes npx to execute commands, which may download the likec4 package from the public npm registry if not locally available. LikeC4 is a well-known architecture-as-code tool.
  • [PROMPT_INJECTION]: The skill reads external files such as Architecture Decision Records (ADRs) and existing models to identify architectural drift. This creates a surface for indirect prompt injection, though the logic is focused on specific name extraction.
  • Ingestion points: Reads files matching **/*.c4, **/likec4.config.*, and documents within ADR-related directories (e.g., docs/adr/, docs/decisions/).
  • Boundary markers: No specific delimiters or safety instructions are applied to the ingested content.
  • Capability inventory: Subprocess execution of npx likec4 validate and local file writes for model and configuration files.
  • Sanitization: The skill identifies and extracts component names for comparison; it does not explicitly perform sanitization of the text contained within the ADRs.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 03:39 AM
Security Audit — agent-trust-hub — c4-model