refactoring-code
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted user code files. Ingestion points: The Phase 1 analysis instructions for sub-agents in SKILL.md. Boundary markers: No specific delimiters or instructions to ignore embedded content are present. Capability inventory: The skill has the ability to read and write files and execute shell commands for testing. Sanitization: There is no evidence of sanitization or validation of the input code.
- [COMMAND_EXECUTION]: The skill instructs the agent to 'Run tests' to verify refactorings in Phase 3. This involves the execution of shell commands within the project's environment which could be leveraged by malicious code in the test suite.
Audit Metadata