skills/eljun/workflow-skills/simplify/Gen Agent Trust Hub

simplify

Pass

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by ingesting and processing external data from task documentation and source code files.
      • Ingestion points: Reads content from docs/task/{ID}-{task-name}.md and files identified by the git diff command.
      • Boundary markers: No specific delimiters or "ignore embedded instructions" warnings are utilized when reading file contents.
      • Capability inventory: Includes shell command execution (git diff), file write access to update task documentation, and the ability to spawn subagents using the Task tool.
      • Sanitization: No explicit sanitization or validation of the ingested file content is performed prior to analysis.
  • [COMMAND_EXECUTION]: The skill uses local shell commands to identify the scope of work for its review process.
      • Evidence: Executes git diff --name-only main...HEAD to programmatically determine which files have changed in the current branch.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 21, 2026, 02:18 PM