code-refactoring
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to run local shell commands to validate that refactoring preserved the original code's behavior.
- Evidence: The 'Behavior Validation' section in SKILL.md describes using npm test, npx tsc, and npm run lint for verification.
- Context: These are standard and expected operations for a developer tool focusing on code quality.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection as it is designed to ingest and process code from external or user-provided sources.
- Ingestion points: Code provided to the agent for refactoring as described in the instructions.
- Boundary markers: The skill uses markdown code blocks to delimit input but does not explicitly instruct the agent to ignore potentially malicious commands embedded in comments within the code.
- Capability inventory: The skill utilizes shell command execution for testing and linting, and integrates with external tools like ask-gemini and codex-cli.
- Sanitization: There is no mention of input validation or sanitization for the code being processed.
Audit Metadata