code-simplifier
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Indirect Prompt Injection] (SAFE): The skill ingests 'recently modified code' which is a source of untrusted data. However, there are no capabilities within the skill (such as subprocess execution, file writing, or network requests) to exploit. The risk is limited to the agent potentially following malicious instructions instead of refactoring, but no system-level harm can occur.
- [No Code Execution] (SAFE): The skill consists entirely of YAML frontmatter and Markdown instructions. There are no associated scripts (Python, Node.js, Shell), making it impossible for the skill to execute code or install malicious packages.
- [Prompt Injection] (SAFE): The instructions use terms like 'IMPORTANT' and 'CRITICAL' solely to define coding style preferences (e.g., avoiding nested ternaries) and do not attempt to override the underlying AI safety or system instructions.
Audit Metadata