code-cleanup
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill leverages the Bash tool to execute system commands for running test suites, linters, and managing git repositories. These operations are fundamental to the skill's purpose of validating refactored code.
- [DATA_EXFILTRATION]: Filesystem access via Grep, Glob, and Read tools allows the agent to identify unused assets and potential data leaks. No network exfiltration or unauthorized data transmission was found during analysis.
- [PROMPT_INJECTION]: The skill handles untrusted user code as input, creating an attack surface for indirect prompt injection. While malicious instructions in codebase files could target the analysis logic, the skill uses a structured multi-agent approach with a dedicated Critic agent to mitigate such risks.
Audit Metadata