simplify
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses
git diffto identify modified code for analysis. This is a standard operation for developer tools and is restricted to local repository metadata. - [DATA_EXPOSURE]: The skill reads the contents of the project's codebase to search for utilities, helpers, and patterns. No network activity or external exfiltration attempts were detected.
- [PROMPT_INJECTION]: The skill processes untrusted code via
git diffand file reads, which presents a surface for indirect prompt injection (Category 8). An attacker could theoretically place instructions inside a code comment or string to influence the agent's behavior during the review phase. - Ingestion points: Project source code and git diffs (Phase 1 and 2).
- Boundary markers: None explicitly defined in the instructions.
- Capability inventory: The skill has the authority to modify files (Phase 3: "Fix issues").
- Sanitization: No specific sanitization or filtering of input code is defined.
- [COMMAND_EXECUTION]: The agent is instructed to "fix each actionable issue directly," which involves writing to the local filesystem. This behavior is consistent with the skill's primary purpose as a code cleanup tool.
Audit Metadata