codebase-cleanup
Pass
Audited by Gen Agent Trust Hub on May 10, 2026
Risk Level: SAFE (PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted content from the codebase to drive its logic, creating a surface for indirect prompt injection where malicious comments or code could influence the cleanup subagents.
  - Ingestion points: Reads all files in the repository, including source code and configuration files (as seen in SKILL.md).
  - Boundary markers: The skill's instructions provide no explicit delimiters, and no guidance for the subagents to disregard potentially malicious content embedded in the analyzed files.
  - Capability inventory: The skill executes shell commands for auditing tools (knip, madge) and test runners, modifies files, and performs git commits (SKILL.md).
  - Sanitization: No content sanitization or validation mechanism is described to protect against adversarial input within the codebase.
- [COMMAND_EXECUTION]: The skill uses shell commands to perform analysis and apply fixes.
  - Executes development tools such as knip for dead code detection and madge for circular dependency analysis.
  - Runs the project's test suite to verify the integrity of automated changes.
  - Manages git operations, including branch creation and individual task commits.
Audit Metadata