code-simplify

Pass

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to run git commands to define the operational scope and verify the environment. It uses git rev-parse --git-dir to verify repository presence and git diff --name-only / git ls-files to list candidate files for simplification.\n- [PROMPT_INJECTION]: The skill processes local code files, which constitutes an indirect prompt injection surface.\n
  • Ingestion points: Files identified by git commands in the 'Scope Resolution' section of SKILL.md.\n
  • Boundary markers: No specific delimiters or 'ignore' instructions are provided for the agent to use when reading the code content.\n
  • Capability inventory: The agent reads file contents and is instructed to 'Apply Simplification Passes', which involves writing modified versions back to the repository.\n
  • Sanitization: No instructions for sanitizing or validating the code content for embedded instructions are present.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 10, 2026, 09:34 AM
Security Audit — agent-trust-hub — code-simplify