component-refactoring
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill defines standard patterns for improving React component maintainability (hook extraction, component splitting, early returns) without introducing external dependencies or remote execution risks.
- [COMMAND_EXECUTION]: The skill utilizes project-local CLI tools such as `pnpm analyze-component` and `pnpm refactor-component`, as well as standard development commands like `pnpm test`, `pnpm lint:fix`, and `pnpm type-check:tsgo`. These operations are conducted on local source files and are appropriate for the described development workflow.
- [PROMPT_INJECTION]: The skill involves processing local React component source code which constitutes an indirect prompt injection surface.
  - Ingestion points: Source files at user-specified paths are analyzed by pnpm-based tools.
  - Boundary markers: No explicit markers are used to delimit untrusted code from agent instructions.
  - Capability inventory: The skill uses subprocess execution for linting and testing (SKILL.md).
  - Sanitization: No sanitization of the input source code is performed before analysis.

  The risk is assessed as minimal as the skill focuses on structural metrics and established coding patterns.
Audit Metadata