no-broken-window
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious behavior, obfuscation, or data exfiltration patterns were detected. The skill's instructions are focused on legitimate software engineering practices for codebase health.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it processes external codebase content.
  - Ingestion points: Codebase scanning in the 'Identify the pattern' workflow (SKILL.md).
  - Boundary markers: Not explicitly specified in the instructions.
  - Capability inventory: File-writing for lint configurations, pre-commit scripts, and CI workflows.
  - Sanitization: The workflow mitigates risks by requiring the agent to 'Get user confirmation before applying' any changes, ensuring human review of generated enforcement rules.