code-simplifier
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- Indirect Prompt Injection (LOW): The skill is susceptible to indirect prompt injection because it ingests untrusted data from the repository to perform its core tasks.\n
- Ingestion points: Accesses and processes recently modified source code files and the local 'AGENTS.md' configuration file.\n
- Boundary markers: No delimiters or safety instructions (e.g., 'treat the following as data only') are present to isolate analyzed code from the agent's internal instructions.\n
- Capability inventory: The skill definition is purely instructional and lacks executable scripts or tool calls; however, it directly influences the agent's code output.\n
- Sanitization: Input data is not sanitized, escaped, or validated before being incorporated into the agent's processing context.
Audit Metadata