wiki-architect
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's primary purpose is to generate JSON-based documentation and guides from repository metadata and file structures. No malicious intent or instructions were found in the skill body.
- [SAFE]: No network operations, such as curl, wget, or fetch, are used to communicate with external servers.
- [SAFE]: The skill does not access sensitive local files such as SSH keys, AWS credentials, or environment variables.
- [SAFE]: No external packages (Python or Node.js) are installed or utilized, and no remote code is downloaded or executed.
- [SAFE]: No obfuscation techniques, hidden commands, or deceptive metadata were identified.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection by scanning untrusted repository files, but the risk is assessed as safe due to the lack of exploitable capabilities.
- Ingestion points: Reads the repository file tree and README file content.
- Boundary markers: No explicit delimiters or instructions are used to ignore embedded directives in the analyzed files.
- Capability inventory: The skill is limited to generating structured JSON output and does not have access to shell execution, file-writing, or network tools.
- Sanitization: No specific sanitization or filtering of codebase content is mentioned.
Audit Metadata