simplify
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the `git diff` command to identify recent code changes. This is a standard operation for its stated purpose of reviewing and simplifying code.
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data in the form of code changes retrieved via `git diff`. These changes are passed to parallel agents for analysis, and the resulting findings influence automated file modifications. While this creates an attack surface for instructions embedded in code comments to influence the agent's behavior, it is a known risk for this category of tool.
  - Ingestion points: Git diff output processed in Phase 1 and Phase 2 of `SKILL.md`.
  - Boundary markers: No specific delimiters or instructions are used to separate code content from instructions for the sub-agents.
  - Capability inventory: The skill possesses the ability to modify files (Phase 3: "Fix issues found") and invoke sub-agents via the `Agent` tool.
  - Sanitization: No sanitization or validation of the ingested code content is performed prior to processing.
Audit Metadata