codebase-cleanup-refactor-clean
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to analyze and refactor user-provided code, which creates a surface for indirect prompt injection.
- Ingestion points: Processes arbitrary code blocks provided as user input for refactoring in SKILL.md.
- Capability inventory: The agent can modify code, generate unit tests, and propose architectural changes.
- Boundary markers: Lacks explicit delimiters or instructions to the agent to treat code comments strictly as data and ignore any embedded commands.
- Sanitization: No input validation or sanitization is mentioned for the code being analyzed, allowing potential instructions in comments to influence agent behavior.
Audit Metadata