audit-architecture

Pass

Audited by Gen Agent Trust Hub on Jun 19, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes local shell commands to gather architectural data and metrics from the repository.
  • Evidence: git rev-parse --show-toplevel is used to identify the root of the project.
  • Evidence: ripgrep (rg) is employed by multiple subagents to search for layering violations, type strictness issues, and code smells.
  • Evidence: wc -l is used to evaluate file and function sizes for hygiene reporting.
  • [PROMPT_INJECTION]: The skill processes untrusted repository content, creating an attack surface for indirect prompt injection.
  • Ingestion points: Subagents ingest all source code and test files in the src/ and tests/ directories as part of the audit process.
  • Boundary markers: There are no explicit delimiters or instructions provided to the subagents to disregard potential instructions embedded within the source code being analyzed.
  • Capability inventory: The skill can spawn new subagents via the Agent tool and execute local shell commands for data processing.
  • Sanitization: The skill does not implement sanitization or escaping of the repository content before passing it to the subagents for evaluation.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 19, 2026, 11:58 AM
Security Audit — agent-trust-hub — audit-architecture