163-java-profiling-refactor
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to run
./mvnw clean verifyormvn clean verify. This is a routine action in Java development to build and test code using the Apache Maven project management tool. - [PROMPT_INJECTION]: The skill processes external data from local documentation files, which presents a surface for indirect prompt injection.
- Ingestion points: Reads from
docs/profiling-problem-analysis-YYYYMMDD.mdanddocs/profiling-solutions-YYYYMMDD.md(SKILL.md, references/163-java-profiling-refactor.md). - Boundary markers: Absent; instructions do not specify delimiters or ignore-behavior for the read content.
- Capability inventory: Includes file system modification (code refactoring) and shell command execution (Maven).
- Sanitization: Absent; rely on the agent's core safety instructions when interpreting the content of the documentation files.
- [SAFE]: No malicious patterns such as data exfiltration, obfuscation, or persistence mechanisms were detected. The use of Maven is a well-known and expected practice for the stated purpose of the skill.
Audit Metadata