architecture-audit
Pass
Audited by Gen Agent Trust Hub on Jun 15, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill includes a shell script
evals/run-static-checks.shintended for developer-side static verification. This script executes a local Python validator (check-skill-static.py) to ensure the skill's structure and registries remain intact. - [DATA_EXFILTRATION]: The skill is designed to read local codebase files for auditing purposes and write findings to local directories such as
docs/audits/oraudit-artifacts/. No unauthorized network communication or external data transmission was observed. - [PROMPT_INJECTION]: The instructions provide clear boundaries and negative test cases to prevent the agent from performing tasks outside its scope (e.g., designing new systems or refactoring code). No bypass or override patterns are present.
- [SAFE]: All external references in the documentation and
skill.jsonpoint to established architectural patterns and well-known academic or industry sources (e.g., Robert C. Martin, Martin Fowler, Alistair Cockburn).
Audit Metadata