code-simplifier
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection attacks because it instructs the agent to process and modify external code that could be attacker-controlled (e.g., from a Public PR).
- Ingestion points: The skill uses tools like
grep,glob, andreadto ingest code files in Step 1 (Inventory) and Step 2 (Identify Targets). - Boundary markers: There are no instructions provided to the agent to use delimiters or to disregard natural language instructions found within the code files being analyzed.
- Capability inventory: The skill explicitly directs the agent to perform high-privilege file operations in Step 4 (Implement), including deleting code, merging files, and rewriting logic.
- Sanitization: The instructions lack any requirement for the agent to sanitize or escape content found in the source code before using it to decide on refactoring actions.
Audit Metadata