agent-md-refactor
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- NO_CODE (SAFE): The skill consists exclusively of Markdown instructions and documentation. No executable scripts, binaries, or external code dependencies are included.
- PROMPT_INJECTION (LOW): The skill demonstrates an attack surface for Indirect Prompt Injection (Category 8) as it is designed to analyze and restructure untrusted instruction files. 1. Ingestion points: The skill reads project-level files like CLAUDE.md and AGENTS.md which are user-controlled. 2. Boundary markers: There are no specific delimiters or instructions to ignore embedded commands within the files being processed. 3. Capability inventory: The agent uses file-read and file-write capabilities to perform the refactoring. 4. Sanitization: No sanitization logic is present to filter malicious instructions from the source files.
Audit Metadata