code-simplifier
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- PROMPT_INJECTION (LOW): The skill is susceptible to Indirect Prompt Injection (Category 8). Evidence Chain: 1. Ingestion points: 'CLAUDE.md' (ctx-read-claude-md.md) and code comments (dead-keep-why-comments.md). 2. Boundary markers: Absent; agents are told to prioritize project conventions over generic rules (ctx-project-over-generic.md). 3. Capability inventory: High; the agent is tasked with refactoring and rewriting code throughout the project. 4. Sanitization: Absent; no filtering or validation of ingested instruction data from local files is specified.
- EXTERNAL_DOWNLOADS (LOW): The README.md suggests 'pnpm install' for optional validation dependencies, which involves downloading external Node.js packages.
- COMMAND_EXECUTION (LOW): The README.md suggests running a Node.js validation script via a dynamic local path ('~/.claude/plugins/cache/dot-claude/dev-skill/*/scripts/validate-skill.js') and several standard CLI tools (e.g., 'npm test', 'pytest', 'go test') to verify behavior preservation after code changes.
Audit Metadata