agent-md-refactor
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- No Code (SAFE): The skill consists entirely of Markdown instructions and contains no scripts, binaries, or remote dependencies.
- Indirect Prompt Injection (LOW): The skill refactors agent instructions from files which may contain untrusted data. 1. Ingestion points: Reads content from AGENTS.md, CLAUDE.md, and COPILOT.md. 2. Boundary markers: No delimiters are specified to isolate processed content from system instructions. 3. Capability inventory: Uses the agent's ability to read from and write to the local filesystem to create organized file structures. 4. Sanitization: No input validation or sanitization is performed on the refactored text.
Audit Metadata