skills/sirn/dotfiles/code-refactor/Gen Agent Trust Hub

code-refactor

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFE COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Jujutsu (jj) version control system to gather context. It executes commands such as jj diff -s and jj diff -- path to analyze code changes.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection via external data sources.
      • Ingestion points: The skill ingests untrusted data from the web using WebFetch and processes local code via jj diff output.
      • Boundary markers: No specific delimiters or instructions are provided to the agent to distinguish between its own instructions and the content being processed.
      • Capability inventory: The skill can execute shell commands (jj) and spawn additional sub-agents via the Task tool.
      • Sanitization: There is no evidence of sanitization or validation of the ingested content before it is processed or passed to other agents.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 3, 2026, 03:06 AM