request-refactor-plan
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXFILTRATION]: The skill proactively addresses data exposure risks by instructing the agent not to include specific file paths or code snippets in the 'Decision Document' section of the generated GitHub issue.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it integrates information from the existing codebase and user interviews into its final output.
  - Ingestion points: Codebase exploration in Step 2 and user interviews in Steps 1, 4, and 6.
  - Boundary markers: No explicit delimiters are used to isolate ingested content from instructions.
  - Capability inventory: The agent performs local repository reads and creates issues via the GitHub API.
  - Sanitization: Ingested content is organized within a structured Markdown template in Step 8, providing logical partitioning of data.
Audit Metadata