dev-improve-codebase-architecture

Result: Pass

Audited by Gen Agent Trust Hub on Apr 25, 2026

Risk Level: SAFE
Category: PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection attacks where instructions embedded in project documentation could influence the agent's behavior.
  • Ingestion points: The skill reads external codebase documentation, specifically CONTEXT.md, CONTEXT-MAP.md, and Architecture Decision Records (ADRs) within the docs/adr/ directory to extract domain vocabulary and architectural context (SKILL.md, Step 1).
  • Boundary markers: No explicit instructions or delimiters are used when reading these files to separate data from potentially malicious instructions embedded in it.
  • Capability inventory: The skill utilizes the Explore agent tool to crawl the codebase and the gh (GitHub CLI) to create issues. It also performs a git remote check (SKILL.md, Step 4).
  • Sanitization: There is no evidence that the domain vocabulary or context extracted from project files is sanitized or validated before it is processed or included in the bodies of the GitHub issues the skill creates.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 25, 2026, 07:17 AM
Security Audit — agent-trust-hub — dev-improve-codebase-architecture