extract
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: The skill consists entirely of natural language instructions for refactoring code and managing design systems. No executable code or malicious logic was found.
- [NO_CODE]: There are no scripts, binaries, or configuration files provided with this skill; it relies solely on the agent's ability to follow text-based workflows on source code.
- [PROMPT_INJECTION]: The use of instructional directives like 'CRITICAL' and 'IMPORTANT' is focused on design system architecture (e.g., asking before creating a new system) and does not attempt to bypass agent safety filters or override system-level instructions.
- [DATA_EXFILTRATION]: No sensitive file paths, credential markers, or network-enabled commands (such as curl or wget) are present in the skill instructions.
- [COMMAND_EXECUTION]: While the skill mentions using 'grep' to find patterns, this is an instruction for the agent to use its existing tool capabilities for searching source code, rather than an attempt to execute arbitrary or dangerous shell commands.
- [SAFE]: The skill's analysis of local source code for pattern extraction is a low-risk surface for indirect prompt injection given the lack of dangerous capabilities or network access.
Audit Metadata