simplify-and-harden
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill provides installation instructions utilizing
npx skills addto fetch the skill from the author's repository (pskoett/pskoett-ai-skills). This is a standard deployment mechanism for this ecosystem. - [DATA_EXFILTRATION]: No patterns of data exfiltration were detected. The skill monitors for sensitive data like hardcoded secrets and credentials during its 'Harden' pass to ensure they are removed from the codebase.
- [INDIRECT_PROMPT_INJECTION]: The skill processes external data in the form of code diffs and source files.
- Ingestion points: Triggered by changes to executable source files such as
*.ts,*.py,*.go, etc. (documented inSKILL.md). - Boundary markers: None explicitly defined for the ingested code blocks.
- Capability inventory: The skill allows the agent to modify files (cosmetic fixes and security patches) and suggest structural refactors (documented in
SKILL.md). - Sanitization: No specific sanitization or filtering of the input code is described; however, the skill's logic is specifically designed to analyze and secure this data.
- [PROMPT_INJECTION]: The skill uses instructional language ('MUST NOT', 'Hard rule') to define its operating boundaries and scope constraints, which is standard behavior for defining agent skills and does not attempt to bypass safety filters.
Audit Metadata