refactor-skill-structure
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection surface identified through documentation processing. \n
- Ingestion points: Reads content from 'skills//SKILL.md' for analysis and extraction (Step 1 and Step 2). \n
- Boundary markers: Absent. The skill does not provide instructions to the agent to treat the content being refactored as data rather than instructions. \n
- Capability inventory: Employs 'Read', 'Write', 'Edit', 'Grep', and 'Glob' tools, and executes shell commands including 'wc', 'grep', 'mkdir', and 'git diff' to manipulate the local filesystem. \n
- Sanitization: None. Content is extracted and rewritten to 'SKILL.md' and 'references/EXAMPLES.md' without validation or filtering.
Audit Metadata