unify
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a standard software engineering workflow for refactoring. It emphasizes 'archaeology surveys' and behavior preservation, requiring user approval for any changes to externally observable behavior.
- [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted data in the form of codebase content, git history, and LLM-facing instruction text (system prompts or tool descriptions found in the source). This constitutes an indirect prompt injection surface. The risk is mitigated by the 'archaeology survey' design, which uses parallel subagents to synthesize reports rather than directly executing content found in the data, and by the mandatory human-in-the-loop review process for all proposed changes.
Audit Metadata