architecture-assessment
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
PROMPT_INJECTION
COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes entire codebases as untrusted input, creating an attack surface for indirect prompt injection where malicious instructions embedded in source code (comments, strings, or metadata) could attempt to influence the agent's logic during the assessment.
- Ingestion points: The skill reads and processes all files within the target project directory (referenced as src/ in examples).
- Boundary markers: No explicit delimiters or instructions are provided to help the agent distinguish between code-to-be-analyzed and instructions-to-be-followed.
- Capability inventory: The skill utilizes shell command execution (via npx, find, grep, etc.) and file system writes for generating reports.
- Sanitization: No sanitization or filtering of the processed code content is implemented.
- [COMMAND_EXECUTION]: The assessment workflows rely heavily on the execution of various external command-line tools for complexity analysis, dependency mapping, and metric collection. While these are established development tools, their automated execution on locally provided project structures is a notable capability.
Audit Metadata