adr-review
Pass
Audited by Gen Agent Trust Hub on May 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues detected. The skill instructions focus on document review and rewriting of architectural documentation. It does not perform network operations, access sensitive system files, or execute external code.
- [PROMPT_INJECTION]: The skill processes Architecture Decision Records (ADRs), which may contain untrusted content. This represents an indirect prompt injection surface.
  - Ingestion points: Reads ADR files identified by the user or within repository scope.
  - Boundary markers: None explicitly defined in the skill instructions.
  - Capability inventory: Reading and rewriting local ADR files.
  - Sanitization: No specific sanitization or escaping of input content is specified. Risk is mitigated by the workflow requiring chat-based analysis before file changes.