dry-principle

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill's primary function is to provide code review and refactoring guidance based on established software engineering principles. No malicious intent was detected.
  • [COMMAND_EXECUTION]: The SKILL.md file contains a 'Memory Protocol' instructing the agent to execute a local read command (cat .claude/context/memory/learnings.md). This is a standard pattern for persistent context in agentic workflows and does not target sensitive system configuration files.
  • [PROMPT_INJECTION]: The skill has an inherent surface for indirect prompt injection because it is designed to read and process arbitrary code files.
      • Ingestion points: The skill can read any file matching the glob '**/.' using the provided 'Read' tool.
      • Boundary markers: No explicit delimiters or instructions to ignore embedded commands within the analyzed code are present.
      • Capability inventory: The skill possesses 'Read', 'Write', and 'Edit' capabilities, which are necessary for its stated purpose of code refactoring.
      • Sanitization: There is no evidence of sanitization or content validation for the files ingested by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 3, 2026, 11:04 AM