extract
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to search the local filesystem using tools like grep to identify existing components and patterns. This is standard behavior for a code refactoring utility.
- [PROMPT_INJECTION]: The skill processes local source code which acts as untrusted input. There is a potential for indirect prompt injection if malicious instructions are embedded in comments or strings within the codebase being analyzed. However, this is an inherent risk for any code-analysis tool and no specific exploits were found.
  - Ingestion points: Reads local source files (via grep and file analysis) to identify UI patterns.
  - Boundary markers: Not explicitly defined in the instructions.
  - Capability inventory: Performs file reads, file edits (replacing instances), and file deletions (removing dead code).
  - Sanitization: No specific sanitization or escaping of file content is described before processing.
Audit Metadata