code-simplifier-gemini-cli
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted code changes and git diffs during the review process. Evidence: 1. Ingestion points: Untrusted code changes and diffs are identified in Step 4 and 5. 2. Boundary markers: No explicit delimiters or instructions are used to separate untrusted code from agent instructions. 3. Capability inventory: The skill uses write_file and provides instructions for code modification based on agent findings. 4. Sanitization: No sanitization of code content is performed before processing.
- [COMMAND_EXECUTION]: The skill uses the write_file tool to modify project configuration and create new agent definitions in the .gemini/agents directory. Evidence: Steps 1 and 2 describe checking settings and writing three markdown files for the review subagents.
- [NO_CODE]: The skill does not include or download any executable scripts or binary files, relying entirely on natural language instructions and established agent tools.
Audit Metadata