legacy-modernizer
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill performs deep analysis on legacy source code, which introduces a surface for indirect prompt injection. Malicious instructions embedded in analyzed files (e.g., within comments or documentation) could attempt to influence the agent's modernization strategies or generated code.
- Ingestion points: The
LegacyCodeAnalyzerinreferences/system-assessment.mdreads and processes the full content of all Python source files in a target directory. - Boundary markers: The current analysis workflow does not implement specific delimiters or 'ignore' instructions to isolate legacy code content from the agent's core instructional context.
- Capability inventory: The skill has the capability to perform automated code refactoring, generate new service implementations, and execute system commands for repository metrics.
- Sanitization: No specific filtering or validation of input source code is present to detect or mitigate adversarial prompt injection attempts.
- [COMMAND_EXECUTION]: The assessment logic in
references/system-assessment.mdusessubprocess.runto executegit logcommands for repository hotspot analysis. While these are standard developer operations using common tooling, the execution of shell commands on user-defined directory paths is a security-relevant behavior.
Audit Metadata