typescript-refactoring
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to run various shell commands for project assessment and verification, including npm run build, npm test, find, wc, and git log in SKILL.md, as well as grep and find in references/smell-catalog.md and references/transformation-playbook.md.
- [PROMPT_INJECTION]: The skill is subject to indirect prompt injection as it processes untrusted source code and executes build or test scripts defined within that code.
  - Ingestion points: The skill reads and analyzes TypeScript source files matching *.ts, *.tsx, *.mts, and *.cts globs as specified in SKILL.md.
  - Boundary markers: No specific delimiters or safety instructions are provided to the agent to distinguish between the codebase content and its own operational instructions.
  - Capability inventory: The agent is guided to use shell execution capabilities via npm scripts and standard CLI tools like git, grep, and find.
  - Sanitization: The skill does not include steps to sanitize code content or validate the safety of project-defined test and build scripts before execution.