distill
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes system commands such as git, grep, and user-defined test/lint scripts to manage code changes and verify system integrity after refactoring.
- [PROMPT_INJECTION]: Employs strong instructional directives, such as "Fight Your Training" and "Default is DELETE", to override the AI's default coding preferences in favor of aggressive code reduction. These are functional instructions specific to the task of code distillation.
- [INDIRECT_PROMPT_INJECTION]: The skill processes external source code which could theoretically contain malicious instructions intended to influence the agent's behavior during analysis.
  - Ingestion points: Source code files in the target module (SKILL.md).
  - Boundary markers: Lacks explicit delimiters or "ignore embedded instructions" warnings when passing code content to sub-agent tasks.
  - Capability inventory: Execution of tests and build commands which run the modified code (SKILL.md).
  - Sanitization: Does not sanitize or filter the input source code before analysis.
Audit Metadata