skill-refiner

Pass

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes shell commands to detect and validate the presence of external AI CLI harnesses such as Claude Code, Codex, and Aider. These probes include checking for binary existence, configuration file presence, and running basic smoke tests to ensure functionality.
  • [DYNAMIC_EXECUTION]: During the 'Meta-Improvement' phase (Phase 2), the skill is designed to propose and apply changes to its own shell-based validation scripts (e.g., lint-skills.sh). It then executes these modified scripts to perform regression testing against established baselines.
  • [INDIRECT_PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by reading and processing external SKILL.md files to generate behavioral tests and improvement suggestions. This ingestion of untrusted instructional data is mitigated by a scoring model that requires directional improvement and a non-configurable human review gate during phase transitions.
Audit Metadata
Risk Level: SAFE
Analyzed: May 8, 2026, 06:41 AM