naming-analyzer
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- Indirect Prompt Injection (LOW): The skill is designed to analyze arbitrary code provided by the user, which presents a surface for indirect prompt injection if the input contains malicious instructions in comments or metadata.\n
- Ingestion points: Source code files, directories, database schemas, and API definitions (SKILL.md).\n
- Boundary markers: Absent. The instructions do not specify delimiters or provide warnings to ignore embedded instructions within the analyzed data.\n
- Capability inventory: The skill is intended for use with an agent that has file read/write permissions to analyze code and generate refactoring scripts.\n
- Sanitization: Absent. No input validation or sanitization is mentioned.\n- Dynamic Execution (LOW): The skill proposes the generation of refactoring scripts based on potentially untrusted input, which is a form of dynamic code generation.
Audit Metadata