simplisticate
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
Tags: PROMPT_INJECTION, NO_CODE
Full Analysis
- Prompt Injection (HIGH): The skill creates a high-risk surface for indirect prompt injection by processing untrusted external content while possessing write capabilities.
  • Ingestion points: The agent scans and analyzes user-provided source code files as part of the simplification workflow.
  • Boundary markers: The instructions lack any requirement for delimiters (such as XML tags or specific Markdown blocks) or 'ignore' directives to isolate the untrusted code from the agent's instructions.
  • Capability inventory: Step 6 ('Execute') explicitly directs the agent to implement code changes, providing a write-capable vector for instructions embedded in the data.
  • Sanitization: No sanitization or safety filtering is specified for the code being analyzed.
- No Code (INFO): The skill consists entirely of Markdown instructions and lacks executable scripts (Python, JS, Shell), which prevents direct exploitation of the skill's own code but does not mitigate the architectural risks of the workflow.
Recommendations
- AI detected serious security threats
Audit Metadata