refactor
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The orchestrator uses the Bash tool to calculate repository metrics, such as file line counts (wc -l) and modification history (git log). These operations are used purely for scoring and prioritizing refactoring targets.
- [PROMPT_INJECTION]: The skill processes untrusted repository files, creating an indirect prompt injection surface. Maliciously crafted content within code or documentation could attempt to influence the agent's behavior during the refactoring process, though the impact is limited by the skill's specific task focus.
- [SAFE]: Robust path validation is implemented in the target detection phase, successfully mitigating risks such as path traversal, absolute path usage, and symlink escapes by rejecting any targets that resolve outside the repository root.
Audit Metadata