gitnexus-refactoring

Pass

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the execution of a local JavaScript file via Node.js to update the search index.
  • Evidence: The workflow section contains the instruction: node .gitnexus/run.cjs analyze.
  • [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks as it ingests and processes untrusted project source code to perform automated refactoring.
  • Ingestion points: The impact(), query(), context(), and cypher() tools read code structure and content from the local workspace.
  • Boundary markers: There are no explicit delimiters or instructions provided to the agent to disregard natural language instructions that might be embedded in code comments or string literals within the processed files.
  • Capability inventory: The skill has high-impact capabilities, specifically the rename() tool which can perform multi-file edits across the repository, and the ability to trigger local script execution.
  • Sanitization: No sanitization or validation of the ingested code content is described before it is used to influence the agent's refactoring plan.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 23, 2026, 06:16 PM
Security Audit — agent-trust-hub — gitnexus-refactoring