legacy-modernizer
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWPROMPT_INJECTIONNO_CODE
Full Analysis
- PROMPT_INJECTION (LOW): The skill possesses a vulnerability surface for indirect prompt injection due to its core function of processing untrusted external codebases.\n
- Ingestion points: Legacy codebases, framework files, and database schemas identified in the Focus Areas.\n
- Boundary markers: Absent; there are no instructions to use delimiters or to disregard embedded natural language instructions within the processed code.\n
- Capability inventory: The skill is capable of reasoning over and generating refactored code, migration plans, and test suites.\n
- Sanitization: Absent; no methods for validating or escaping external content are specified.\n- NO_CODE (INFO): The skill is purely instructional and contains no executable code, remote dependencies, or binary components, which significantly limits the potential for direct system compromise.
Audit Metadata