Refactoring Audit Workflow
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface through its code analysis features.
  - Ingestion points: The skill uses view_file and grep_search to read untrusted content from the project's source files during the audit process.
  - Boundary markers: There are no specific delimiters or system instructions provided to ensure the agent ignores malicious commands potentially embedded in code comments or strings within the analyzed files.
  - Capability inventory: The agent is empowered to write to the filesystem (e.g., refactoring_plans.md) and execute the gh CLI tool to create issues on remote repositories.
  - Sanitization: The skill does not specify any sanitization or validation steps for content extracted from the codebase before it is used in downstream tasks such as drafting refactoring plans or submitting GitHub issues.
Audit Metadata