fdt-refactor-mock-to-fake
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands such as
Grepfor code discovery anduv run pytestfor verification. These are restricted to the local environment and are part of the intended development workflow. - [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface because it reads and modifies untrusted source code which could contain malicious instructions designed to influence the agent's refactoring logic.
- Ingestion points: Reads local Python files and test files.
- Boundary markers: Absent. The skill does not provide specific delimiters or instructions to ignore embedded commands within the files being processed.
- Capability inventory: The skill has file-write permissions (modifying and creating Python scripts) and local command execution capabilities (running tests).
- Sanitization: Absent. The skill transforms code patterns based on input file content without sanitization or validation of the input strings.
Audit Metadata