de-slopify
Pass
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE] (SAFE): Comprehensive analysis of the markdown files and documentation revealed no malicious code, obfuscation, or data exfiltration logic.
- [COMMAND_EXECUTION] (SAFE): The skill includes shell command examples in
references/review-workflow.md(e.g.,grep,find) intended for local file scanning and auditing. These commands are benign and read-only. - [INDIRECT_PROMPT_INJECTION] (LOW): The skill defines workflows for the agent to ingest and rewrite untrusted content (documentation and code), which presents a standard surface for indirect prompt injection.
- Ingestion points: User-provided markdown files and source code are processed via the prompts defined in
references/review-workflow.md. - Boundary markers: Absent; the suggested prompt templates do not utilize explicit delimiters to separate untrusted user data from the agent's instructions.
- Capability inventory: The skill instructs the agent to read, analyze, and rewrite content.
- Sanitization: Absent; the skill does not suggest any escaping or validation of the input data before processing.
Audit Metadata