simplify
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: No high-risk security issues or malicious patterns such as data exfiltration, credential theft, or obfuscation were detected. The skill performs intended developer tasks within the local environment.
- [COMMAND_EXECUTION]: The skill executes
gitcommands and local validation tools (lint, tests, typecheck) to analyze and verify code changes. This behavior is expected for its purpose and is limited to the local development environment. - [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface because it processes untrusted code changes from git diffs and has the capability to write to the filesystem and execute shell commands.
- Ingestion points: Reads code changes via
git diffas described in SKILL.md. - Boundary markers: The instructions do not specify the use of delimiters or 'ignore' instructions for the analyzed code.
- Capability inventory: The agent can perform file writes (applying fixes) and execute validation commands (tests/lint) in the local shell.
- Sanitization: No content sanitization or validation of the ingested code is mentioned in the workflow.
Audit Metadata