Skills
skills/evanfang0054/cc-system-creator-scripts/refactor-check/Gen Agent Trust Hub

refactor-check

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection (Category 8) as it processes untrusted data from local source code files.
  • Ingestion points: The skill reads source files using Read, Grep, and Glob tools to analyze code structure and imports.
  • Boundary markers: There are no explicit instructions to the agent to ignore embedded instructions or comments within the processed files.
  • Capability inventory: The skill utilizes Bash to run tests and perform file system operations (e.g., find, sed for auto-fixing).
  • Sanitization: No sanitization or validation of the content read from files is performed before processing.
  • [COMMAND_EXECUTION]: The skill includes instructions for executing shell commands to modify or delete files.
  • Evidence: The 'Auto Repair' section includes sed for batch string replacement in source files and find with the -delete flag to remove empty files.
  • Mitigation: The YAML frontmatter attempts to restrict Bash usage to specific test and compile commands (npm test:*, yarn test:*, npx tsc:*), which limits the execution surface compared to the examples in the documentation.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 5, 2026, 06:55 AM