rails-refactorer
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it is designed to analyze and refactor external codebases that could contain malicious instructions. \n
- Ingestion points: Reads code files from the local filesystem using
Read,Grep, andGlobtools. \n - Boundary markers: There are no explicit instructions or delimiters defined to prevent the agent from following instructions embedded within the source code it is refactoring. \n
- Capability inventory: The agent has access to
Bash,Edit, andWritetools, which could be used to execute commands or inject malicious code back into the project. \n - Sanitization: The skill lacks mechanisms to sanitize or validate the content of the files it processes. \n- [COMMAND_EXECUTION]: The skill utilizes the
Bashtool to run test suites (e.g., RSpec or Minitest) as part of the refactoring process. This capability could be exploited to execute arbitrary code if the codebase being analyzed contains malicious tests.
Audit Metadata