skills/0xsero/parchi/refactor-worker/Gen Agent Trust Hub

refactor-worker

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFE; flagged categories: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute various shell commands for development tasks including npm run test, npm run typecheck, npm run build, npm run lint, and wc. It also uses git for diffing and managing the repository state.
  • [PROMPT_INJECTION]: The skill contains instructions to bypass local environment constraints, specifically directing the agent to use the --no-verify flag with git commit to circumvent pre-commit hooks and to manually unstage changes in configuration files like package.json.
  • [PROMPT_INJECTION]: Indirect Prompt Injection Surface: The skill is designed to ingest and process external TypeScript files, which constitute an indirect injection surface.
      • Ingestion points: Files specified in the <files-to-refactor> and <affected-files> placeholders (SKILL.md).
      • Boundary markers: Absent; there are no specific instructions to delimit the code content or treat it as untrusted data.
      • Capability inventory: The agent has access to npm run (which can execute arbitrary scripts defined in the local environment), git, and file system read/write operations (SKILL.md).
      • Sanitization: Absent; the skill does not specify any sanitization or validation of the content within the files being refactored.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 31, 2026, 04:01 AM