Skills
skills/microsoft/hve-core/prompt-refactor/Gen Agent Trust Hub

prompt-refactor

Pass

Audited by Gen Agent Trust Hub on Jun 26, 2026

Risk Level: SAFE
Full Analysis
  • [Indirect Prompt Injection Surface]: The skill is designed to process and execute existing prompt artifacts, which introduces a surface for indirect prompt injection.
  • Ingestion points: Processes promptFiles and requirements provided via user input or workspace context as described in SKILL.md.
  • Boundary markers: No explicit boundary markers or 'ignore instructions' delimiters are defined within the provided skill files.
  • Capability inventory: The skill utilizes Prompt Tester and Prompt Evaluator to execute prompts and evaluate results within a sandbox environment.
  • Sanitization: No explicit sanitization or filtering of the input prompt content is performed before processing.
  • Context: The use of a deterministic sandbox (.copilot-tracking/sandbox/) provides isolation for these operations, which is a standard practice for handling potentially untrusted prompt content during refactoring tasks.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 26, 2026, 03:39 PM
Security Audit — agent-trust-hub — prompt-refactor