aif-architecture
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill follows a legitimate workflow for generating project-level documentation. It does not attempt to access sensitive system files or establish network connections.
- [COMMAND_EXECUTION]: The use of the Bash tool is strictly limited to directory creation (
mkdir *) within the project structure, which is a low-risk operation for organizing generated artifacts. - [PROMPT_INJECTION]: While the skill references 'skill-context rules' that can override default instructions, these are described as project-specific configuration overrides within the framework's logic, not as an attempt to bypass agent-level safety filters or system instructions.
- [DATA_EXPOSURE]: The skill reads localized project context from files like
DESCRIPTION.mdandconfig.yaml. These files are expected parts of the development environment and the skill does not expose them to external parties.
Audit Metadata