refactoring-analysis

Pass

Audited by Gen Agent Trust Hub on Apr 6, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill instructions focus on analyzing local source code and generating architectural reports. No external network requests or unauthorized data transfers are initiated.
  • [SAFE]: The included Python script (scripts/validate-metadata.py) is a local utility for validating metadata strings. It uses standard libraries (re, sys, argparse) and performs no dangerous operations such as executing shell commands, accessing the network, or reading/writing sensitive files.
  • [PROMPT_INJECTION]: The skill processes untrusted data by reading codebase files (Step 2 in SKILL.md), which is a surface for indirect prompt injection.
      • Ingestion points: Reads files from a user-specified directory or the entire project (SKILL.md).
      • Boundary markers: No specific delimiters or 'ignore' instructions are used when reading source files.
      • Capability inventory: The agent can read files and write reports to the local filesystem (docs/_refacs/).
      • Sanitization: No sanitization of the analyzed code content is performed before processing.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 6, 2026, 03:07 PM