hard-cut
Pass
Audited by Gen Agent Trust Hub on May 17, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill instructions direct the agent to delete code paths identified as "legacy" or "compatibility" layers. This creates a risk where malicious comments or data within the ingested source code could trick the agent into misidentifying and deleting critical security or business logic.
  - Ingestion points: Source code files processed during refactoring tasks in the agent's context.
  - Boundary markers: Absent; the instructions do not provide delimiters or warnings to differentiate between the agent's operational logic and the untrusted content of the code being modified.
  - Capability inventory: High-impact code modification and deletion, including removing tests, fixtures, and logic branches (as specified in SKILL.md).
  - Sanitization: Absent; the skill does not require validation or sanitization to ensure that code content does not contain instructions targeting the agent's behavior.
Audit Metadata