Architecture Critic

The architecture-critic skill is a legitimate tool designed to perform adversarial architectural reviews using the Anthropic API. The core logic in scripts/run-critic.sh snapshots codebase metadata (file tree, dependencies, and recent commits) and sends it to an LLM to evaluate a task brief against provided security and architectural checklists. The implementation demonstrates high security awareness, including explicit prompt-injection defenses using XML-style delimiters (<untrusted_data>), strict API key format validation, and transparent data-handling documentation in SECURITY.md and clawhub.yaml. No malicious behaviors such as unauthorized data exfiltration, persistence, or command execution were found.