improve-codebase-architecture
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The generated HTML report fetches styling and diagram scripts from well-known and established public CDNs (cdn.tailwindcss.com and cdn.jsdelivr.net). This is standard behavior for document rendering and does not represent a security risk.
- [COMMAND_EXECUTION]: The skill uses platform-appropriate system commands (xdg-open, open, or start) to display the generated architectural report in the user's default browser. This is an intended user-experience feature for report visualization.
- [PROMPT_INJECTION]: The skill processes project-specific data (glossaries, ADRs, and source code) to inform its architectural review, creating an indirect prompt injection surface.
- Ingestion points: Reads CONTEXT.md, architecture decision records in docs/adr/, and explores the project via a subagent.
- Boundary markers: No explicit markers are used to differentiate project data from agent instructions.
- Capability inventory: The skill can write files to the local temporary directory and execute system commands to open the web browser.
- Sanitization: There is no explicit sanitization described for the codebase content before it is incorporated into the agent's analysis or the HTML output.
Audit Metadata