legacy
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- NO_CODE (SAFE): The skill consists entirely of documentation, architectural diagrams, and illustrative code snippets in Python and JavaScript. It does not perform any automated actions, execute shell commands, or make network requests.
- INDIRECT_PROMPT_INJECTION (LOW): While the skill is designed to process legacy codebases (untrusted data), it lacks any built-in capabilities to execute commands or write files, meaning there is no attack surface for code-based exploitation. The risk is limited to the AI's interpretation of the provided guidance.
- EXTERNAL_DOWNLOADS (SAFE): References to standard libraries like 'six' and the '2to3' tool are for migration guidance and do not involve unauthorized or hidden downloads.
Audit Metadata