auto-postwrite-refactor
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill instructions do not contain any malicious patterns such as direct prompt injection, obfuscation, or data exfiltration. The logic is focused entirely on code quality improvements.
- [COMMAND_EXECUTION]: The skill instructs the agent to use git diff to identify modified files. This is a standard development practice for scoping tasks and does not involve risky or unauthorized commands.
- [PROMPT_INJECTION]: The skill is subject to indirect prompt injection because it processes code edits that could contain malicious instructions. However, the risk is minimal as the skill only performs structural refactoring and does not execute the processed content.
  - Ingestion points: Modified files identified via git tools (SKILL.md).
  - Boundary markers: No explicit delimiters or instructions are used to separate code from potential embedded commands.
  - Capability inventory: Reads file changes via git diff; modifies code through the agent's writing capabilities. No network or privilege escalation tools are utilized.
  - Sanitization: There is no specified logic to sanitize or validate the code content before the refactoring process is applied.
Audit Metadata