refactor-cleaner
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes various CLI-based analysis tools and project test suites via the Bash tool to identify and verify code removal. It includes steps for rolling back changes if tests fail.
- [EXTERNAL_DOWNLOADS]: Uses package managers such as npx, pip, go, and mvnw to download and run established refactoring utilities from official registries. These are standard developer operations for the skill's stated purpose.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface when processing codebases. * Ingestion points: Uses Read, Grep, and Glob tools to scan codebase content. * Boundary markers: None specified to distinguish code logic from potential instructions embedded in comments or strings. * Capability inventory: Possesses Bash, Write, and Edit capabilities to modify the filesystem and execute shell commands. * Sanitization: No explicit sanitization or filtering of codebase content is performed before processing findings.
Audit Metadata