code-refactoring
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is strictly instructional and focuses on improving code quality through established refactoring patterns. No malicious instructions or hidden behavior were identified.\n- [COMMAND_EXECUTION]: The skill mentions the use of development tools like
npm,npx, andtscfor verifying code changes. These commands are localized to the development environment and are standard for the described tasks.\n- [INDIRECT_PROMPT_INJECTION]: The skill processes user-provided source code, which serves as an untrusted input surface. Malicious instructions could be embedded in code comments, though this is a baseline risk for all code-processing skills. The skill relies on standard linting and testing for validation.\n - Ingestion points: User-provided source code processed during refactoring steps (SKILL.md).\n
- Boundary markers: No specific boundary markers or 'ignore' instructions are provided for the agent to separate code from embedded comments.\n
- Capability inventory: Use of shell execution via
npmandnpxto run tests and linters (Step B and Workflow Example).\n - Sanitization: No input sanitization is described for the code being processed.
Audit Metadata