code-simplifier
Pass
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill identifies an attack surface for indirect prompt injection because it processes external, untrusted content like source code and commit messages. However, it includes explicit mitigations by instructing the agent to disregard any commands or instructions found within the processed files.\n
- Ingestion points: Source code, comments, diffs, and git history processed during refactoring.\n
- Boundary markers: Instructs the agent to clearly delimit code snippets as data and never relay embedded instructions.\n
- Capability inventory: Repository access via git commands and file modification capabilities for code cleanup.\n
- Sanitization: Employs an internal prompt policy that treats all external inputs as untrusted data rather than instructions.\n- [COMMAND_EXECUTION]: The skill uses standard repository inspection commands such as 'git diff' to determine which files have changed. These commands are used for identifying the scope of work and do not pose a security risk.
Audit Metadata