simplify
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill directs the agent to run the project's existing lint or build commands to verify refactoring changes. This involves executing scripts defined within the project's own configuration (e.g., package.json or a Makefile) to ensure code integrity after modification, which is standard behavior for development utilities.
- [PROMPT_INJECTION]: The skill is designed to ingest and process target code files provided by the user, creating an attack surface for indirect prompt injection. Malicious instructions embedded in code comments or strings within the processed files could attempt to influence the behavior of the sub-agent.
- Ingestion points: Target files or directories provided by the user (SKILL.md).
- Boundary markers: The skill instructions aim to isolate the sub-agent by providing a clean context window, though no explicit delimiters are defined to separate the code content from the agent's instructions.
- Capability inventory: The agent has the authority to modify files and execute local build/lint commands (SKILL.md).
- Sanitization: No sanitization or filtering of the input code is performed, as the agent requires the full content to perform refactoring.
Audit Metadata