simplify-and-harden
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists of instructional guidelines and does not contain executable malicious code, obfuscation, or unauthorized data access patterns.- [PROMPT_INJECTION]: The skill provides instructions for the agent to review and modify code. While the agent processes untrusted data (the code being reviewed), this is the intended functionality for a code review tool and no malicious injection attempts were found in the skill itself.
- Ingestion points: Modified source files identified in the task diff (SKILL.md).
- Boundary markers: Absent (instructions do not specify delimiters for code content).
- Capability inventory: File modification capabilities (implied by the agent's coding role).
- Sanitization: Absent (the skill does not explicitly instruct the agent to sanitize code comments or string literals before processing).
- [EXTERNAL_DOWNLOADS]: The documentation provides an installation command using
npxto fetch the skill from the author's own repository. This is a standard installation mechanism for the platform and is consistent with the provided vendor context.
Audit Metadata