deslop
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because its core function is to read and modify source code diffs. Ingestion points: The agent is instructed to analyze code diffs from the current branch. Boundary markers: The skill lacks delimiters or instructions to ignore embedded commands within the code being processed. Capability inventory: The agent has the authority to rewrite or delete code in the repository. Sanitization: No validation or sanitization of the input code is performed. There is a risk that malicious instructions in comments could trick the agent into deleting legitimate security checks, especially since the skill explicitly encourages removing 'defensive checks' in 'trusted' paths.
- [NO_CODE]: This skill consists purely of natural language instructions and does not include any scripts or executable code.
Audit Metadata