code-simplifier
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (LOW): The skill demonstrates a vulnerability surface for Indirect Prompt Injection (Category 8) by ingesting untrusted data and having the capability to modify the environment.
  - Ingestion points: The skill reads source code files identified through `git diff` or user-specified paths.
  - Boundary markers: The instructions lack explicit delimiters or instructions to treat ingested code as data only, increasing the risk that embedded instructions in comments could be executed by the agent.
  - Capability inventory: The skill utilizes `Read`, `Edit`, `Glob`, `Grep`, and `Task` tools. The `Edit` capability allows the agent to write changes to the filesystem based on the processed (and potentially malicious) input.
  - Sanitization: There is no evidence of input validation, sanitization, or escaping performed on the code content before it is processed by the agent.
Audit Metadata