request-refactor-plan
Pass
Audited by Gen Agent Trust Hub on Jun 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security vulnerabilities or malicious patterns were detected. The skill's operations, including repository exploration and GitHub issue creation, are aligned with its documented purpose of planning and documenting code refactors.
- [INDIRECT_PROMPT_INJECTION]: The skill identifies a surface for indirect prompt injection as it ingests data from both the local repository and user input to populate a GitHub issue template. This is a standard risk for tools processing external data.
- Ingestion points: Repository codebase and user-provided descriptions (SKILL.md).
- Boundary markers: None explicitly defined to separate untrusted data from the issue generation instructions.
- Capability inventory: Repository exploration (read) and GitHub issue creation (write).
- Sanitization: Not explicitly implemented in the provided instructions.
Audit Metadata