Skills
skills/psenger/ai-agent-skills/arch-lens/Gen Agent Trust Hub

arch-lens

Pass

Audited by Gen Agent Trust Hub on Mar 17, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection during its exploration phase.
  • Ingestion points: In WORKFLOW.md, the 'Explore' sub-agent (Step 1) is instructed to navigate the codebase naturally and record friction, meaning it reads and processes arbitrary content from the files within the repository.
  • Boundary markers: The instructions provided to the sub-agent do not include specific delimiters or directives to ignore instructions that might be embedded within the codebase (e.g., in code comments or documentation).
  • Capability inventory: The agent has access to Read, Grep, Glob, Write, and Bash(git *) tools.
  • Sanitization: There is no evidence of sanitization or filtering of the content read from the files before it is processed by the AI.
  • [COMMAND_EXECUTION]: The skill uses the Bash tool restricted to git * commands to perform churn analysis and navigate the repository, as specified in the SKILL.md metadata and referenced in the workflow.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 17, 2026, 01:30 PM