simplify-parallel
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes multiple local commands to analyze code, run tests, and manage git state. Specifically, it calls
npx tsx scripts/analyze-codebase.tsto build a dependency graph andnpm runfor type-checking, linting, and building. - [EXTERNAL_DOWNLOADS]: Commands like
npx tsxandnpx vitestare used, which may trigger downloads from the NPM registry if the packages are not present in the local environment or cache. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection from the source code it processes. An attacker with write access to the repository could embed malicious instructions in code comments.
- Ingestion points: All files in the target repository directories (e.g.,
src/lib,src/api) are read and processed by worker agents. - Boundary markers: The orchestration prompt lacks explicit instructions to treat the ingested code as data only and to ignore embedded instructions.
- Capability inventory: The skill possesses significant capabilities, including the ability to run arbitrary project scripts and perform git commits.
- Sanitization: The input code is passed directly to the worker agents without filtering or sanitization.
Audit Metadata