classname-refactor
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill identifies a surface for indirect prompt injection as it processes untrusted external data (user-provided code files).
- Ingestion points: Standard Process Step 1 and 2 in
SKILL.mddefine recursive reading of.tsx,.jsx, and.vuefiles. - Boundary markers: Absent. The skill does not instruct the agent to ignore instructions embedded within the processed code files.
- Capability inventory: Capability to recursively list directories, read files, and output modified code (Standard Process Steps 1-4).
- Sanitization: Absent. There is no escaping or validation of the content read from files before it is processed by the agent.
- Data Exposure & Exfiltration (SAFE): The skill reads local project files for refactoring purposes. No sensitive file paths (e.g.,
.ssh,.env) are targeted, and no network exfiltration patterns were detected. - Remote Code Execution (SAFE): The skill performs text transformations and does not download or execute external scripts or packages.
Audit Metadata