review-agents-md
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill processes instructions from AGENTS.md and CLAUDE.md, creating a vulnerability surface where a malicious file could attempt to influence the agent's behavior.
- Ingestion points: Reads AGENTS.md and CLAUDE.md from the project root directory.
- Boundary markers: Absent; the skill does not explicitly differentiate between refactoring instructions and the data being refactored.
- Capability inventory: Limited to local file system operations (mv, ln -s, and file writing).
- Sanitization: Absent; the content is refactored and rewritten without explicit escaping.
- Command Execution (SAFE): The skill recommends standard shell commands (mv, ln -s) for organizing configuration files. These commands are restricted to the local environment and are appropriate for the skill's documentation-management purpose.
Audit Metadata