de-slopify
Pass
Audited by Gen Agent Trust Hub on May 10, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill is focused on code maintenance and follows best practices for a local development tool. It does not involve external downloads, remote code execution, or any form of data exfiltration.
- [PROMPT_INJECTION]: The skill's functionality involves reading and interpreting code from git branches, creating an indirect prompt injection surface. A malicious actor could craft code or comments designed to trick the agent into removing legitimate security checks or performing unintended modifications during its cleanup process.
- Ingestion points: Source code diffs from the specified git branch ($1).
- Boundary markers: None; the agent processes the code content directly without delimiters.
- Capability inventory: File system write access used to modify or delete code.
- Sanitization: No sanitization or validation of the branch content is performed before processing.
Audit Metadata