py-refactor
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
Flags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill utilizes well-known Python quality and security tools such as ruff, bandit, radon, vulture, and mypy, which are standard in the development ecosystem.
- [COMMAND_EXECUTION]: The orchestrator executes CLI-based analysis tools (e.g., bandit, radon, pytest) to evaluate the codebase, which is consistent with its stated purpose of refactoring.
- [PROMPT_INJECTION]: The skill identifies a surface area for indirect prompt injection as it processes external source code. Ingestion points: Python files in the target project (SKILL.md). Boundary markers: None explicitly defined in the orchestration scripts. Capability inventory: Subprocess execution of various analysis tools across all project files (SKILL.md, WORKFLOWS.md). Sanitization: Relies on the security/quality tools' own parsing logic.
Audit Metadata