Skills
skills/eljun/workflow-skills/simplify/Gen Agent Trust Hub

simplify

Pass

Audited by Gen Agent Trust Hub on May 4, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes untrusted data from source files and documentation.
  • Ingestion points: Reads content from docs/task/{ID}-{task-name}.md, docs/testing/{ID}-{task-name}.md, and various source code files identified by git.
  • Boundary markers: The skill does not define specific delimiters or instructions for the agent to ignore potentially malicious instructions embedded within the files being reviewed.
  • Capability inventory: The skill executes git diff and writes updated status/notes back to the task documentation files.
  • Sanitization: There is no evidence of content sanitization or validation to prevent instructions within code comments or documentation from influencing the agent's behavior.
  • [COMMAND_EXECUTION]: The skill uses git diff --name-only main...HEAD to programmatically identify changed files. This is a standard and safe use of version control tools for a quality gate skill.
Audit Metadata
Risk Level
SAFE
Analyzed
May 4, 2026, 02:19 AM