clean-code

Pass

Audited by Gen Agent Trust Hub on Jun 14, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill operates as a reference library for software engineering best practices. All instructions are aimed at improving code quality, readability, and maintainability without any malicious intent or hidden behaviors detected.\n- [COMMAND_EXECUTION]: The skill mentions standard development commands in its reference documentation.\n
  • Evidence: references/full-catalog.md mentions pip install -e ".[dev]" and pytest. references/tests.md mentions pytest --cov=myproject.\n
  • Context: These commands are provided as examples of environment automation and testing standards for a user's development project. They are not intended for autonomous execution by the agent on the host system.\n- [PROMPT_INJECTION]: The skill defines a workflow for processing and refactoring user-provided code, creating a surface for indirect prompt injection.\n
  • Ingestion points: Python code snippets or files provided by the user for review in SKILL.md.\n
  • Boundary markers: No specific delimiters or safety warnings are implemented to separate user code from the agent's instructions.\n
  • Capability inventory: The skill is limited to code analysis and refactoring; it does not request network access, sensitive file reads, or elevated privileges.\n
  • Sanitization: No specific sanitization or validation of the input code is defined in the instruction set.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 14, 2026, 04:50 PM
Security Audit — agent-trust-hub — clean-code