code-simplifier

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH (PROMPT_INJECTION)
Full Analysis
  • Indirect Prompt Injection (HIGH): The skill is designed to process untrusted external code and includes an 'Execution Mode' that explicitly authorizes the agent to 'directly modify code'. This configuration is vulnerable to malicious instructions embedded within the code being analyzed (e.g., in comments or string literals), which could cause the agent to perform unauthorized actions.
      • Ingestion points: External source code provided in the user prompt or via file system access.
      • Boundary markers: Absent. The skill lacks instructions to wrap input in delimiters or to ignore embedded instructions within the processed data.
      • Capability inventory: 'Execution Mode' grants the agent the authority to modify source code, which implies write access to the filesystem in a typical agent deployment.
      • Sanitization: Absent. There are no directives to sanitize, filter, or validate the content of the external code before the agent processes or applies modifications based on it.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 05:50 AM