framework-migration-code-migrate
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes untrusted source code which presents a surface for indirect prompt injection. (1) Ingestion points: External source codebase provided by the user. (2) Boundary markers: Absent; no delimiters or instructions to ignore embedded code-level prompts are provided. (3) Capability inventory: Skill generates automated migration scripts and code transformations. (4) Sanitization: Absent; no validation or escaping of input code content is performed.
- [Dynamic Execution] (LOW): The skill is designed to generate executable migration scripts and transformations from source code templates, which is standard for its stated purpose.
Audit Metadata