adr-create
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill incorporates a surface for indirect prompt injection during the ADR creation process.
- Ingestion points: Untrusted data enters the agent context through the user-provided title argument and results retrieved from the adr-patterns namespace via mcp__claude-flow__memory_search.
- Boundary markers: No specific delimiters or instructions are used to separate ingested data from agent instructions or to prevent the execution of embedded commands.
- Capability inventory: The skill possesses file-writing capabilities (Write tool) and access to internal data stores (agentdb_hierarchical-store, memory_store).
- Sanitization: While titles are slugified for use in filenames, the content is inserted into the ADR Markdown template and the database without explicit sanitization or escaping mechanisms.
Audit Metadata