typo3-simplify
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface.
- Ingestion points: The skill reads local source code files (PHP, Fluid, TCA, Services.yaml) that it identifies via `git diff`.
- Boundary markers: There are no explicit instructions or delimiters used to separate the skill's logic from instructions that might be embedded within the files being analyzed.
- Capability inventory: The skill is designed to read file contents and suggest or apply code modifications to the project.
- Sanitization: No validation or sanitization is performed on the content of the analyzed files to prevent the agent from following embedded instructions.
- [COMMAND_EXECUTION]: The skill utilizes the local command `git diff --name-only HEAD~1` to identify modified files. While this is a standard and expected operation for a code review tool, it involves the execution of shell commands to interact with the system's environment.