anti-slop-fix
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes arbitrary source code files provided via user input.
- Ingestion points: Source code content read during the audit workflow (SKILL.md, Step 1).
- Boundary markers: The instructions do not define delimiters or explicit warnings for the agent to ignore instructions embedded within the files being processed.
- Capability inventory: The skill utilizes an 'Edit tool' to apply changes to the file system (SKILL.md, Step 3 and 4).
- Sanitization: No sanitization or validation of the file content is performed to filter out potential malicious instructions before processing.
- [COMMAND_EXECUTION]: The skill output includes instructions for the user to execute local shell commands (
npm run lint && npm test) to verify changes. While standard for development, this involves executing code in the local environment.
Audit Metadata