code-simplifier

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute git diff for identifying changes and npm test to verify code integrity. These operations are essential to its primary function of code simplification and testing.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection (Category 8) due to how it processes untrusted data.
      • Ingestion points: The agent reads source code from the local filesystem using Read, Glob, Grep, and the output of git diff.
      • Boundary markers: The instructions lack explicit delimiters or warnings to ignore instructions embedded within the code being analyzed (e.g., in comments or strings).
      • Capability inventory: The agent has the ability to modify files via Edit and Write, and execute arbitrary commands via the Bash tool.
      • Sanitization: There is no evidence of content sanitization or validation to prevent the model from following instructions found within the code files it processes.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 28, 2026, 11:35 PM