refactor
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill utilizes the `codex exec` and `pnpm typecheck` commands to perform its tasks. These commands interact directly with the host shell environment.
- [PROMPT_INJECTION] (LOW): The skill has a surface for indirect prompt injection because it ingests and processes untrusted code files.
  * Ingestion points: Source code files or modules targeted for refactoring.
  * Boundary markers: Absent; the code is passed directly as a target to the `codex` CLI.
  * Capability inventory: Shell command execution, local file writing to `/tmp/codex-refactor.md`, and automated git commits.
  * Sanitization: The skill does not perform any validation or sanitization of the code contents before processing.
Audit Metadata