remove-ai-slops
Pass
Audited by Gen Agent Trust Hub on Jun 21, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes standard shell utilities like git and awk to manage code changes. It also runs the project's own test runners, linters, and security scanners. This is standard behavior for a development tool but involves executing local code and tools based on project configuration.
- [INDIRECT_PROMPT_INJECTION]: The skill reads source code from the repository and passes it to sub-agents for processing. There is a potential for indirect prompt injection if an attacker embeds malicious instructions within code comments or strings, as the skill does not use delimiters or boundary markers to separate data from instructions in sub-agent prompts.
- Ingestion points: Source files identified in the repository are read and passed to sub-agents in Phase 4.
- Boundary markers: None; file contents are processed within a prompt that lacks 'ignore instructions' warnings or delimiters.
- Capability inventory: The skill can modify files and execute project-defined scripts, tests, and linters.
- Sanitization: No sanitization or escaping is performed on the code content before it is processed by the AI agents.
Audit Metadata