Skills
skills/popup-studio-ai/bkit-gemini/simplify/Gen Agent Trust Hub

simplify

Pass

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns were identified. The skill acts as a localized refactoring tool.
  • [COMMAND_EXECUTION]: The skill instructs the agent to run git diff --name-only to scope the analysis to relevant changed files. This is a standard and safe operation for a code quality assistant.
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection as it processes code changes that may contain attacker-controlled comments.
  • Ingestion points: Reads files identified through git diff output as described in SKILL.md.
  • Boundary markers: Absent; the skill does not wrap the analyzed code in specific security delimiters.
  • Capability inventory: The agent has access to run_shell_command and replace to perform its tasks.
  • Sanitization: None; the skill relies on the underlying LLM's safety filters to distinguish code logic from instructions embedded in comments.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 17, 2026, 06:08 PM
Security Audit — agent-trust-hub — simplify