naming-format
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill ingests untrusted data from the local project, such as filenames, package.json dependencies, and source code exports, which creates a surface for indirect prompt injection. There are no boundary markers or instructions to ignore potential commands embedded in this data.
- [COMMAND_EXECUTION]: The skill performs file system operations using
git mvand modifies source code to update import paths, which are capabilities that can be triggered based on the analysis of untrusted project data.
Audit Metadata