Skills
skills/mattpocock/skills/request-refactor-plan/Gen Agent Trust Hub

request-refactor-plan

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection vulnerability surface through the ingestion of untrusted data.
  • Ingestion points: The skill instructs the agent to 'Explore the repo' (Step 2), 'check for test coverage' (Step 6), and interview the user (Steps 1, 4).
  • Boundary markers: The instructions lack delimiters or explicit directives to ignore embedded instructions within the repository files or user-provided implementation details.
  • Capability inventory: The agent has the capability to write to external services by creating GitHub issues (Step 8).
  • Sanitization: No sanitization or escaping mechanisms are specified before content from the repository or user input is interpolated into the GitHub issue template.
Audit Metadata
Risk Level
SAFE
Analyzed
May 19, 2026, 06:26 PM