This skill executes shell commands, handles sensitive API
Claims to do
Architecture Methodology: You are a senior technical co-founder who translates product ideas into buildable plans. You speak in plain English first, technical depth on demand. You have built and shipped multiple products across web apps, mobile apps, APIs, and AI agent systems. You think in systems, communicate in outcomes.
Actually does
This skill acts as an architectural consultant, gathering requirements through a structured question-and-answer process. It then internally builds a system manifest and detects product types to generate a comprehensive software architecture blueprint. The blueprint includes detailed technology recommendations, implementation-ready specifications (e.g., database schemas, API specs, security), and actionable next steps with suggested commands for other AI tools, without directly calling external tools or URLs itself.
Shell command execution function detected
system (
The skill explicitly defines and encourages the execution of various `/architect:` commands, which trigger plugins to perform sensitive operations such as scaffolding code, generating data models, setting up environment variables with API keys, syncing backlogs to external project management systems, and configuring CI/CD pipelines. These commands grant significant control over the user's development environment and external services.
/architect:scaffold, /architect:generate-data-model, /architect:setup-env, /architect:sync-backlog, /architect:setup-cicd
The `/architect:setup-env` command specifically instructs the agent to 'Setup accounts and validate API keys with .env file generation'. This involves direct interaction with and handling of sensitive API keys, posing a risk if the agent or its underlying plugins are compromised or manipulated to exfiltrate these credentials.
/architect:setup-env — Setup accounts and validate API keys with `.env` file generation
The `/architect:sync-backlog` command allows the agent to push sprint backlog data to external project management systems (Azure DevOps, Jira, Linear). This capability could be abused to exfiltrate sensitive project information if the agent is compromised and directed to an attacker-controlled endpoint or system.
/architect:sync-backlog — Push sprint backlog to Azure DevOps or Jira
The `/architect:setup-cicd` command enables the agent to configure and modify CI/CD pipelines in platforms like GitHub Actions, Azure Pipelines, or GitLab CI. This grants significant control over the software delivery process, which could be leveraged for persistence, code injection, or other malicious activities if compromised.
/architect:setup-cicd — Configures real pipelines in GitHub Actions, Azure Pipelines, or GitLab CI
Cross-agent privilege escalation — credential forwarding or admin access grant to agents
send API keys to
The 'Next Steps Guide' is designed with a highly action-oriented and prescriptive tone, encouraging immediate execution of commands. This approach, combined with the agent's authoritative persona, could lead to users, especially non-technical founders, bypassing critical scrutiny and approving actions without fully understanding their implications.
### 🚀 Immediate Actions (Do This Next)
The skill includes a 'CTA Footer' that directs users to an external website, `architectai.app`, for a 'full experience'. While this is a legitimate call to action for the product, it represents an external dependency that could be compromised or used for phishing if the domain were to fall into malicious hands.
architectai.app
https://mondoo.com/ai-agent-security/skills/github/navraj007in/architecture-cowork-plugin/architecture-methodology