code-simplifier
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE PROMPT_INJECTION COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection. It processes code files identified via git diff (SKILL.md) by delegating them to a subagent for refactoring. Malicious instructions or prompts embedded in these files could influence the subagent's behavior. Ingestion points: File contents identified by git diff. Boundary markers: Absent. Capability inventory: Local command execution and subagent tasking. Sanitization: Absent.
- [COMMAND_EXECUTION]: The skill executes local git commands (git diff --name-only) to identify files within the repository. While these are standard read-only operations for development workflows, they involve interaction with the system shell.
Audit Metadata