agile-refinement
Pass
Audited by Gen Agent Trust Hub on May 4, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs its stated purpose of linting and reviewing project artifacts. No evidence of malicious intent, data exfiltration, or unauthorized command execution was found.
- [PROMPT_INJECTION]: The skill analyzes external data (planning documents and code diffs), which represents a surface for indirect prompt injection where malicious instructions embedded in the files could attempt to influence the agent's analysis.
- Ingestion points: Reads content from files within the
planning/directory and code diffs from the working tree or specified branches (SKILL.md). - Boundary markers: The prompt instructions do not specify the use of delimiters or boundary markers (e.g., XML tags) to isolate the ingested file content from the agent's core instructions.
- Capability inventory: The skill utilizes the agent's capabilities to read files and generate text-based reports; it does not explicitly invoke high-risk tools like network requests or arbitrary shell execution for this analysis.
- Sanitization: No sanitization or validation of the processed data is described in the skill instructions.
Audit Metadata