Skills
skills/tirth8205/code-review-graph/Refactor Safely/Gen Agent Trust Hub

Refactor Safely

Pass

Audited by Gen Agent Trust Hub on Apr 19, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it instructs the agent to ingest and process external code which may contain malicious instructions designed to influence agent behavior.
  • Ingestion points: Code provided by the user or read from the workspace via refactor_tool and get_minimal_context (referenced in SKILL.md).
  • Boundary markers: Absent. There are no instructions to the agent to use delimiters or to disregard natural language instructions found within comments or strings in the code being refactored.
  • Capability inventory: The skill includes the apply_refactor_tool which allows the agent to modify files in the local environment.
  • Sanitization: Absent. The skill does not define any validation or sanitization steps for the content being processed before it is used to influence the refactoring plan.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 19, 2026, 11:18 AM