refactoring-packages
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill processes user-provided source code for analysis, which creates a surface for indirect prompt injection via code comments or file content. Ingestion points: Code symbols and directory structures are read using mcp__serena__list_dir and mcp__serena__get_symbols_overview. Boundary markers: No specific delimiters or safety instructions are defined to separate code content from instructions. Capability inventory: The skill specifies the ability to move files and modify imports during refactoring. Sanitization: No explicit validation or sanitization of input code is documented.
- [COMMAND_EXECUTION]: The skill performs filesystem operations including directory creation and file relocation to implement refactoring proposals as described in the workflow.
Audit Metadata