code-organization
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: All provided files contain legitimate documentation, code examples, and configuration templates for React, Next.js, Python, and other frameworks. No security vulnerabilities were detected in the instructions or examples.
- [COMMAND_EXECUTION]: The skill includes shell command examples for running local analysis scripts (e.g., scripts/find-large-files.js). These are intended as project-local utilities and do not involve fetching code from remote or untrusted sources.
- [INDIRECT_PROMPT_INJECTION]: The skill defines a workflow for processing untrusted user code, which creates a potential surface for indirect prompt injection.
  - Ingestion points: User source code in the target directory (e.g., /path/to/src).
  - Boundary markers: The skill does not define specific delimiters or instructions to ignore embedded prompts within the analyzed code.
  - Capability inventory: Includes shell command execution and file system writes for refactoring.
  - Sanitization: No validation or sanitization of the input code is specified.
Audit Metadata