refactor
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
PROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW):
  1. Ingestion points: $ARGUMENTS variable in SKILL.md.
  2. Boundary markers: Absent.
  3. Capability inventory: No subprocess calls, exec/eval, file-write, or network operations detected; output is limited to text display only.
  4. Sanitization: Absent.

  As the skill only processes external code to provide refactoring suggestions and lacks side-effect capabilities, the severity is classified at the lowest level (INFO/LOW).
- Prompt Injection (SAFE): The prompt uses a standard persona and does not contain commands to bypass filters or override instructions.
- Data Exposure & Exfiltration (SAFE): No access to sensitive file paths or network domains was found.
- Unverifiable Dependencies & RCE (SAFE): The skill does not install external packages or download remote scripts.