refactoring
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (LOW): The skill is susceptible to indirect prompt injection through the code it analyzes.
  - Ingestion points: The `code` parameter in `SKILL.md` accepts arbitrary input.
  - Boundary markers: Absent; the skill lacks specific instructions or delimiters to isolate the code from the agent's control flow.
  - Capability inventory: The skill produces refactored code intended for agent use, potentially leading to the execution of malicious instructions embedded in comments.
  - Sanitization: No sanitization is performed on input code strings to strip instructions or handle nested prompts.
Audit Metadata