complexity-optimizer
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFE COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The workflow defined in SKILL.md (Workflow steps 1 and 5) directs the agent to 'Identify the language, framework, test command, build command' and then 'Run relevant tests and type/lint/build commands'. This creates a significant attack surface where a malicious repository can define harmful shell commands in standard configuration files (e.g., package.json, Makefile, scripts/) that the agent is then prompted to execute as part of its 'verification' process.
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection because it ingests and processes untrusted data from an external codebase. Instructions hidden in code comments or metadata could attempt to override the agent's behavior during the analysis or implementation phases.
- Ingestion points: Source code files and project configuration files are read by the analyze_complexity.py script and the agent's file system tools.
- Boundary markers: None. The instructions do not provide delimiters or security warnings to treat repository content as untrusted input.
- Capability inventory: The agent is authorized to execute shell commands, run the provided Python script, and perform file modifications.
- Sanitization: No logic is provided to validate, escape, or sanitize the build/test commands identified in the codebase before they are executed.
Audit Metadata