Skills
skills/costicapuntaru/agentica/request-refactor-plan/Gen Agent Trust Hub

request-refactor-plan

Pass

Audited by Gen Agent Trust Hub on Mar 20, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests untrusted data from both the user interview process and the local repository files.
  • Ingestion points: User-provided problem descriptions (Step 1) and codebase exploration (Steps 2 and 6) in SKILL.md.
  • Boundary markers: None detected. The skill does not use delimiters or instructions to ignore embedded commands in the data it processes.
  • Capability inventory: The skill has read access to the local filesystem and the ability to create external content via GitHub issues.
  • Sanitization: No explicit sanitization or validation of the ingested content is mentioned before it is used to generate the GitHub issue.
  • [EXTERNAL_DOWNLOADS]: The skill performs network operations to interact with GitHub for issue creation.
  • Evidence: Step 8 in SKILL.md explicitly instructs the agent to create a GitHub issue with the generated refactor plan.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 20, 2026, 01:04 PM