easysdd-architecture

Pass

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes untrusted data from the user and the project environment.
      • Ingestion points: The skill reads user-provided materials (oral input, scattered documents, whiteboard photos), existing architecture documents in the 'easysdd/architecture/' directory, and project source code core files.
      • Boundary markers: Absent. No specific markers or delimiters are used to separate user data from the agent's internal instructions.
      • Capability inventory: The skill has the ability to write Markdown files to the filesystem and execute a local Python search script.
      • Sanitization: Absent. There is no evidence of validation or sanitization logic for the content extracted from external materials.
  • [COMMAND_EXECUTION]: The skill executes a local Python script for metadata searching.
      • Evidence: The command 'python easysdd/tools/search-yaml.py' is used in 'reference.md' to query decision, explore, and learning documents within the project structure.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 22, 2026, 01:22 AM