java-code-simplifier
Pass
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to run terminal commands (
git diff --name-only HEAD | grep '\.java$') to discover relevant files for auditing. This is a standard functional pattern for developer-oriented tools.\n- [PROMPT_INJECTION]: The skill analyzes the content of local Java files, which constitutes an Indirect Prompt Injection surface. Maliciously crafted comments in audited code could theoretically influence the agent's output.\n - Ingestion points: Java source files provided as arguments or detected via Git (SKILL.md).\n
- Boundary markers: Absent. The instructions do not specify the use of delimiters or 'ignore' instructions for the audited content.\n
- Capability inventory: The skill uses Git for file discovery and has the capability to read local files for review (SKILL.md).\n
- Sanitization: No specific sanitization or escaping of file content is defined before the agent processes the code.
Audit Metadata