refactor-loop
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFE
COMMAND_EXECUTION
PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill is designed to automate a refactoring workflow by executing various CLI tools including unilyze, git, jq, and dotnet. These commands are used to calculate code health metrics, identify high-churn files, and execute test suites. While standard for developer tools, these commands run with the agent's privileges over the local filesystem.
- [PROMPT_INJECTION]: The skill processes external, potentially untrusted data, which creates an indirect prompt injection surface (Category 8).
  - Ingestion points: The skill reads project source code and JSON-formatted metrics from files like quality-audit.json and refactor-before.json into the agent's context.
  - Boundary markers: There are no explicit instructions or delimiters defined to separate the processed source code or JSON data from the agent's internal instructions.
  - Capability inventory: The skill allows for shell command execution (unilyze, dotnet test, git) and file system modifications (writing to .unilyze/ and refactoring code).
  - Sanitization: No sanitization or verification steps are specified for the content of the source code or the metric data before it is processed by the agent.