adr-discover
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses standard shell utilities including
find,grep, andlsto navigate the file system and search for specific code patterns. These commands are executed locally and are restricted to identifying existing project characteristics. - [DATA_EXFILTRATION]: Analyzes local files such as
package.json,pyproject.toml, and source code to extract architectural signals. No network requests, external data transfers, or connections to remote servers were identified. - [INDIRECT_PROMPT_INJECTION]: The skill reads and processes untrusted data from the repository being analyzed. While this constitutes an attack surface for indirect prompt injection, the risk is significantly mitigated by a human-in-the-loop mechanism that requires the user to review and approve all findings before they are used to generate documentation.
Audit Metadata