cut-the-crap
Pass
Audited by Gen Agent Trust Hub on May 10, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill represents a surface for indirect prompt injection as it ingests untrusted source code and test coverage reports to provide analysis and refactoring suggestions.
- Ingestion points: The skill reads local project source files and coverage reports (e.g., .json, .info, .xml) during Phase 1 and Phase 2 (SKILL.md, scripts/crap_score.py).
- Boundary markers: There are no explicit boundary markers or instructions to ignore embedded prompts within the files being analyzed.
- Capability inventory: The agent is instructed to implement refactoring changes and write or extend tests, which involves file-write operations (SKILL.md).
- Sanitization: No specific sanitization or escaping of the ingested code content is performed before processing.
- [EXTERNAL_DOWNLOADS]: The skill's documentation (REFERENCE.md) suggests the installation of various standard development tools to generate the necessary metrics.
- Findings: References to standard packages such as 'coverage', 'c8', 'nyc', 'jest', and 'vitest', as well as a utility 'gcov2lcov' from GitHub. These are common tools in modern CI/CD and development workflows.
Audit Metadata