improve-codebase-architecture
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill's operations are confined to codebase analysis and documentation updates, which align with its stated purpose of architectural improvement.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it analyzes untrusted codebase data.
  1. Ingestion points: Project source code, .red/CONTEXT.md, and ADR files (referenced in SKILL.md).
  2. Boundary markers: Absent.
  3. Capability inventory: Modifies documentation files (.red/CONTEXT.md, ADRs) and spawns sub-agents via the Agent tool.
  4. Sanitization: Absent; the skill relies on the user in the 'grilling loop' to validate changes.
Audit Metadata