audit-architecture
Pass
Audited by Gen Agent Trust Hub on Jun 19, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes local shell commands to gather architectural data and metrics from the repository.
- Evidence:
git rev-parse --show-toplevelis used to identify the root of the project. - Evidence:
ripgrep(rg) is employed by multiple subagents to search for layering violations, type strictness issues, and code smells. - Evidence:
wc -lis used to evaluate file and function sizes for hygiene reporting. - [PROMPT_INJECTION]: The skill processes untrusted repository content, creating an attack surface for indirect prompt injection.
- Ingestion points: Subagents ingest all source code and test files in the
src/andtests/directories as part of the audit process. - Boundary markers: There are no explicit delimiters or instructions provided to the subagents to disregard potential instructions embedded within the source code being analyzed.
- Capability inventory: The skill can spawn new subagents via the
Agenttool and execute local shell commands for data processing. - Sanitization: The skill does not implement sanitization or escaping of the repository content before passing it to the subagents for evaluation.
Audit Metadata