legacy-modernizer

Pass

Audited by Gen Agent Trust Hub on Jun 20, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill performs deep analysis on legacy source code, which introduces a surface for indirect prompt injection. Malicious instructions embedded in analyzed files (e.g., within comments or documentation) could attempt to influence the agent's modernization strategies or generated code.
  • Ingestion points: The LegacyCodeAnalyzer in references/system-assessment.md reads and processes the full content of all Python source files in a target directory.
  • Boundary markers: The current analysis workflow does not implement specific delimiters or 'ignore' instructions to isolate legacy code content from the agent's core instructional context.
  • Capability inventory: The skill has the capability to perform automated code refactoring, generate new service implementations, and execute system commands for repository metrics.
  • Sanitization: No specific filtering or validation of input source code is present to detect or mitigate adversarial prompt injection attempts.
  • [COMMAND_EXECUTION]: The assessment logic in references/system-assessment.md uses subprocess.run to execute git log commands for repository hotspot analysis. While these are standard developer operations using common tooling, the execution of shell commands on user-defined directory paths is a security-relevant behavior.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 20, 2026, 02:24 PM
Security Audit — agent-trust-hub — legacy-modernizer