simplify
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFE
Findings: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [Prompt Injection] (LOW): The skill exhibits an indirect prompt injection surface by ingesting and processing source code files from the local environment.
- Ingestion points: Uses git diff in SKILL.md to identify changed files, which are then passed to a subagent.
- Boundary markers: Instructions passed to the code-simplifier subagent do not use delimiters to wrap the content being analyzed, making it easier for embedded instructions in the code to influence the agent.
- Capability inventory: The skill queries repository metadata and delegates code modification to a subagent.
- Sanitization: No sanitization is performed on the code content before it is processed by the LLM.
- [Command Execution] (SAFE): Employs git and gh commands for repository state inspection. These commands are static and do not incorporate unvalidated user input into the shell execution string.
Audit Metadata