refactor
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill invokes local developer tools (pytest, ruff, mypy) and a project-local script (bin/ci-local). These operations are confined to the local environment and are standard for code quality and testing workflows.
- [REMOTE_CODE_EXECUTION] (SAFE): No patterns of downloading and executing remote scripts (e.g., curl | bash) were detected.
- [DATA_EXFILTRATION] (SAFE): The skill does not access sensitive files (like SSH keys or AWS credentials) or perform network requests to external domains.
- [PROMPT_INJECTION] (SAFE): The instructions are focused on refactoring tasks and do not contain attempts to bypass AI safety guardrails or extract system prompts.
- [INDIRECT_PROMPT_INJECTION] (SAFE): The skill processes target code (Ingestion Point: Phase 1 Analysis in SKILL.md) and executes tests (Capability: uv run pytest, bin/ci-local). While boundary markers and sanitization are absent, the risk is minimal as the operations use standard local toolchains for their intended engineering purpose.
Audit Metadata