deslop
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses git diff and git show to identify changed files and retrieve original source code for comparison. These commands are executed locally and are appropriate for the tool's stated purpose of repository maintenance.
- [PROMPT_INJECTION]: The process of reading and analyzing file content from a development branch creates a surface for indirect prompt injection (e.g., malicious instructions hidden in code comments). However, the skill's logic is constrained to identifying and removing specific patterns of 'slop', which significantly limits the potential impact of such an attack.
- [SAFE]: No evidence of credential exposure, data exfiltration, unauthorized network access, or persistence mechanisms was found within the skill's instructions or logic.
Audit Metadata