ln-512-tech-debt-cleaner

Pass

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8) by processing audit findings from external files to drive code modifications and command execution.
      • Ingestion points: Findings are loaded from docs/project/codebase_audit.md and ln-511 code quality output as specified in the Workflow (Step 1).
      • Boundary markers: The instructions do not define explicit delimiters or 'ignore embedded instructions' warnings for the data ingested from the audit reports.
      • Capability inventory: The skill utilizes powerful tools including mcp__hex-line__edit_file, mcp__hex-line__bulk_replace, and the Bash tool across its workflow and runtime scripts.
      • Sanitization: The skill mitigates risk through a mandatory 90% confidence threshold (Step 3), semantic reference checks via hex-graph, and build verification (lint and typecheck) after each modification (Step 4).
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute linting, type-checking, and build commands. These commands are dynamically discovered at runtime from the project's own configuration files (such as package.json or pyproject.toml) or documentation, following the hierarchy defined in references/ci_tool_detection.md.
Audit Metadata
Risk Level: SAFE
Analyzed: May 11, 2026, 12:55 PM