141-java-refactoring-with-modern-features
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill requires the agent to execute build commands such as
./mvnw compileandmvn clean verify. While these are standard for Java development, they grant the agent the ability to execute shell commands in the project's context. - [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection because it processes untrusted Java source code and has the capability to run shell commands. 1. Ingestion points: Java source files in the project directory. 2. Boundary markers: Absent; there are no delimiters to separate user code from agent instructions. 3. Capability inventory: Shell command execution via Maven commands defined in SKILL.md and references/141-java-refactoring-with-modern-features.md. 4. Sanitization: Absent; the skill does not include logic to escape or validate the contents of the processed files.
Audit Metadata