refactoring-code
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill defines an indirect prompt injection surface as it requires the agent to ingest and analyze untrusted code logic provided by users.\n
- Ingestion points: Phase 1 involves reading code to understand its purpose and finding call sites using Grep.\n
- Boundary markers: Absent. The instructions do not specify any delimiters or safety markers to differentiate between code logic and malicious instructions hidden in comments.\n
- Capability inventory: The skill utilizes search tools (Grep) and references other agent capabilities for test writing and debugging, which could be manipulated by successful injection.\n
- Sanitization: Absent. There is no mention of filtering or validating the content of the ingested code files.
Audit Metadata