code-refactoring
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection.\n
- Ingestion points: The agent is instructed to process and refactor legacy codebases, which constitute untrusted external data (SKILL.md).\n
- Boundary markers: There are no instructions to use delimiters or ignore embedded instructions within the processed code files.\n
- Capability inventory: The skill has extensive shell execution capabilities including git, npm, npx, kubectl, and curl across multiple scripts (SKILL.md, references/compliance-checklist.md).\n
- Sanitization: No sanitization or validation of the input source code is specified before processing or executing related commands.\n- [COMMAND_EXECUTION]: The skill provides numerous commands for the agent to execute in the local environment.\n
- It includes version control and build commands using git and npm (SKILL.md).\n
- It utilizes analysis and linting tools such as complexity-report, eslint, and tsc (references/advanced-techniques.md).\n
- It defines deployment and rollback operations using kubectl and curl for interacting with local APIs and feature flag services (references/compliance-checklist.md).\n- [EXTERNAL_DOWNLOADS]: The skill incorporates the use of various external tools and libraries from well-known registries.\n
- It uses npx to download and run utilities like jscodeshift, autocannon, artillery, and stryker from the npm registry (SKILL.md, references/compliance-checklist.md).\n
- It provides instructions for installing project dependencies via npm, pip, and bundle.
Audit Metadata