code-refactoring-assistant

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH (PROMPT_INJECTION)
Full Analysis
  • [PROMPT_INJECTION] (HIGH): Significant Indirect Prompt Injection vulnerability surface (Category 8).
      • Ingestion points: The script refactoring_assistant.py ingests codebase metadata, file paths, and dependency information via the input_data JSON object, which typically contains content from the user's repository.
      • Boundary markers: The skill does not implement boundary markers, XML-style tags, or explicit 'ignore instructions' warnings when processing this codebase data.
      • Capability inventory: The skill generates changes.diff objects representing code modifications. According to SKILL.md and HOW_TO_USE.md, the agent is expected to apply these changes using tools like Bash or git, creating a high-privilege write-capability loop that can be exploited by malicious instructions embedded in the codebase.
      • Sanitization: There is no sanitization or verification of the input data to prevent embedded instructions from influencing the agent's logic during analysis or execution stages.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 16, 2026, 01:12 PM