code-refiner
Warn
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes
git diffcommands to determine the scope of changes and runs a bundled Python script (scripts/complexity_report.py) to calculate code metrics. - [COMMAND_EXECUTION]: In the verification phase, the agent is instructed to run test suites and linters (e.g.,
eslint,pytest,cargo test) discovered in the project environment. Executing tools from untrusted repositories poses a risk of arbitrary code execution if the repository configures these tools to run malicious scripts. - [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it reads and analyzes external source code which could contain instructions meant to subvert the agent's logic.
- Ingestion points: Source files identified during reconnaissance (Phase 1) and read for analysis.
- Boundary markers: Absent; the instructions do not specify using delimiters or explicit 'ignore' instructions for content found within the analyzed code.
- Capability inventory: Execution of git commands, a local complexity analysis script, and environment-specific test/linter binaries.
- Sanitization: Absent; the code is parsed and analyzed in its raw form without filtering for potential injection patterns.
Audit Metadata