reverse-architect
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill methodology and instructions are focused entirely on software design analysis. All identified operations, such as reading manifests and source code, are strictly aligned with the stated purpose of understanding and explaining software projects. No suspicious commands or unauthorized data access patterns were found.\n- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because its primary function is to ingest and interpret data from untrusted external codebases. Ingestion points: The skill directs the agent to read project manifests (e.g., package.json, Cargo.toml, go.mod), documentation files (README.md), type-definition files, and source code entry points during Steps 2 through 5 of the thinking process. Boundary markers: Absent; the instructions do not define specific delimiters or provide warnings to the agent to disregard instructions found within the analyzed codebase. Capability inventory: The skill utilizes extensive file-reading capabilities across the project structure for analysis. Sanitization: There are no instructions for sanitizing or escaping content read from external files before processing.
Audit Metadata