check-refine-trpc
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists exclusively of instructional documentation and static code examples. It does not perform any network operations, access sensitive files, or execute arbitrary code.
- [PROMPT_INJECTION]: The skill's primary function is to process untrusted source code (React component files). This creates a surface for indirect prompt injection where instructions embedded in code comments could attempt to influence the agent's refactoring suggestions.
- Ingestion points: React components and page files (.tsx, .jsx) as mentioned in SKILL.md and references/checklist.md.
- Boundary markers: None identified; instructions do not specify delimiters for the analyzed code.
- Capability inventory: The skill provides logic for scanning files and generating refactoring advice.
- Sanitization: No sanitization or validation of the input source code content is specified.
Audit Metadata