adr
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a shell command pipeline (
ls,sort,tail) to determine the next sequence number for ADR files. The command uses a hardcoded path (docs/architecture/) and does not incorporate untrusted user input, making it safe. - [DATA_EXFILTRATION]: No network operations, external downloads, or access to sensitive credentials (such as .ssh or .aws directories) were detected. The skill's operations are confined to the local project documentation directory.
- [PROMPT_INJECTION]: The instructions do not contain patterns designed to bypass safety filters, override agent behavior, or extract system prompts.
- [INDIRECT_PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection as it processes untrusted data from the local environment.
- Ingestion points: Reads PRD files and implementation code as specified in
SKILL.mdto extract decisions. - Boundary markers: Absent. The skill does not explicitly use delimiters to wrap external content.
- Capability inventory: File system write access to
docs/architecture/and shell command execution for file listing inSKILL.md. - Sanitization: Absent. Content is processed directly without specific filtering for malicious instructions.
Audit Metadata