improve-codebase-architecture
Warn
Audited by Gen Agent Trust Hub on Jun 21, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses operating system commands (
xdg-open,open, orstart) to automatically open generated HTML files from the temporary directory in the user's default browser or file manager. - [EXTERNAL_DOWNLOADS]: The generated architectural reports load external CSS and JavaScript libraries (Tailwind CSS and Mermaid.js) from public CDNs (tailwindcss.com and jsdelivr.net).
- [DYNAMIC_EXECUTION]: The skill generates an HTML report that configures the Mermaid.js library with
securityLevel: "loose". This setting allows the execution of scripts and processing of certain HTML tags within diagrams. If the codebase being analyzed contains malicious content that is included in a diagram, it could result in Cross-Site Scripting (XSS) when the user opens the generated report. - [INDIRECT_PROMPT_INJECTION]:
- Ingestion points: The skill reads
CONTEXT.md, Architecture Decision Records (ADRs), and explores the wider project codebase via a sub-agent to inform its report content. - Boundary markers: None identified.
- Capability inventory: File system writes to temporary directories, system command execution (
open,xdg-open), and the ability to modify project documentation (CONTEXT.md). - Sanitization: There is no mention of sanitizing or escaping content retrieved from the codebase before it is embedded into the final HTML report.
Audit Metadata