code-slop
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it processes untrusted data (code diffs) and uses that data to drive file modifications. An adversary could craft code comments or specific code patterns that trick the agent into misidentifying legitimate security logic, such as validation checks or error handling, as 'AI slop' to facilitate their removal.
- Ingestion points: The skill is instructed to 'Check the diff against main', ingesting external code content into the context.
- Boundary markers: Absent. There are no instructions to differentiate between the agent's instructions and instructions potentially embedded within the code comments being analyzed.
- Capability inventory: The skill has the capability to modify and delete code across the repository.
- Sanitization: None. The skill relies on LLM judgment to determine what constitutes 'slop' without strict validation or safety constraints.
Audit Metadata