de-slop
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local development and discovery commands including cat, ls, npm test, and tsc --noEmit during the workflow defined in SKILL.md.
- [SAFE]: The skill has an ingestion surface for indirect prompt injection because it reads and processes project source code to perform its cleanup tasks. Ingestion points: project source code and .agents/SYSTEM/critical/CRITICAL-NEVER-DO.md. Boundary markers: Absent. Capability inventory: local shell command execution (cat, ls, npm, tsc). Sanitization: Absent. This surface is inherent to the skill's purpose as a code maintenance tool.
Audit Metadata