easysdd-architecture-check
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill operates in a read-only mode for architectural analysis. It contains explicit 'Hard Boundaries' ('只检查,不修复'
- Only check, don't fix) that prevent the agent from making unauthorized changes to the filesystem or project code.
- [PROMPT_INJECTION]: No prompt injection patterns, such as bypass instructions, developer mode triggers, or 'ignore previous instruction' markers, were found in the skill metadata or body.
- [DATA_EXFILTRATION]: The skill does not perform network operations or access sensitive system directories (e.g., .ssh, .aws). Its access is limited to project documentation (e.g., DESIGN.md, architecture docs) and related source code files for the purpose of consistency checking.
- [REMOTE_CODE_EXECUTION]: There is no evidence of remote code execution, external script fetching, or third-party package installation. The skill does not utilize dynamic execution sinks like eval() or subprocess.run() on untrusted inputs.
- [COMMAND_EXECUTION]: The skill does not use shell commands or dynamic context injection patterns (
!command). It relies on reading file content to provide logical feedback to the user.
Audit Metadata