refactor

Pass

Audited by Gen Agent Trust Hub on Feb 20, 2026

Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • Indirect Prompt Injection (LOW): The skill processes untrusted code selections which could contain malicious instructions.
      • Ingestion points: Code selection provided via the argument-hint and the Read tool.
      • Boundary markers: None are specified to delimit user-provided code from instructions.
      • Capability inventory: The skill uses Write, Edit, and SlashCommand (lint and test), providing a surface for impact if instructions are followed.
      • Sanitization: No sanitization or validation of the input code is performed.
  • Command Execution (SAFE): Use of SlashCommands for linting and testing is appropriate for a refactoring tool and uses internal agent capabilities.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 20, 2026, 11:38 PM