refactor-code
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes project files which could contain hidden malicious instructions that might influence the agent. 1. Ingestion points: Reads local files via Read, Grep, Glob, and git diff. 2. Boundary markers: No explicit delimiters or ignore instructions used for ingested code. 3. Capability inventory: High-privilege access to Bash, Edit, and Write tools. 4. Sanitization: No content filtering or escaping of the ingested code.
Audit Metadata