migration
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious behavior, obfuscation, or unauthorized access patterns were detected. The skill uses standard placeholders and references internal project documentation appropriately.- [PROMPT_INJECTION]: The skill handles untrusted user input via the
$ARGUMENTSplaceholder within<migration-description>tags, identifying an indirect prompt injection surface. This is mitigated by the explicit requirement to present designs and obtain user consent before any filesystem changes. - Ingestion points: User input is ingested into
SKILL.mdvia the$ARGUMENTSvariable. - Boundary markers: The input is enclosed in
<migration-description>XML-style tags. - Capability inventory: The skill is designed to generate migration files, implying file-write capabilities.
- Sanitization: There is no programmatic sanitization; however, the skill mandates a human-in-the-loop approval step before file operations.
Audit Metadata