simplify-code
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes shell commands to retrieve git diffs and run local validation tools such as test runners, compilers, or linters. These actions are standard for the tool's intended purpose of code review and maintenance.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it processes untrusted data from repository files and git diffs. Ingestion points: git diff output, repo documentation (e.g., AGENTS.md), and user-specified files. Boundary markers: None explicitly defined to separate untrusted code from agent instructions. Capability inventory: Execution of git commands and project validation scripts, along with file system writes to apply fixes. Sanitization: Includes instructions for the agent to discard weak or instruction-conflicting findings before applying changes.
Audit Metadata