skill-benchmark

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes standard shell utilities (find, wc, cat) to analyze project structure and read configuration files like AGENTS.md. These commands are used for introspection and do not perform any destructive actions or network exfiltration.
  • [DATA_INDIRECT_INJECTION]: The skill ingests external project data, including source code and evaluation JSON files, to perform its refactoring tasks. This creates a potential surface for indirect prompt injection if the ingested files contain malicious instructions.
  • Ingestion points: Project source files (src/*.ts, src/*.tsx), AGENTS.md, and evals/evals.json.
  • Boundary markers: No specific boundary markers or 'ignore' instructions are used when processing the contents of these files.
  • Capability inventory: The agent performs file system reads and provides refactoring suggestions based on the ingested data.
  • Sanitization: No sanitization or validation of the external file content is performed before it is used to influence the agent's logic.
Audit Metadata
Risk Level
SAFE
Analyzed
May 19, 2026, 10:17 PM
Security Audit — agent-trust-hub — skill-benchmark