ai-slop-cleaner
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill represents an indirect prompt injection surface because it processes untrusted source code as data. Malicious instructions embedded within comments or string literals in the target codebase could attempt to influence the agent's cleanup logic or reporting.
  - Ingestion points: Local source code files targeted for cleanup (implied throughout SKILL.md).
  - Boundary markers: Absent. The skill does not define delimiters or specific instructions to ignore embedded prompts within the files being processed.
  - Capability inventory: File system read/write, shell command execution for tests, and version control operations (git checkout).
  - Sanitization: Absent. There is no evidence of sanitization or validation of the code content before it is parsed or processed.
- [COMMAND_EXECUTION]: The 'Regression-Safe Workflow' requires the agent to execute a 'full test suite' and git commands. If an attacker can manipulate the project's test configuration (e.g., package.json scripts or Makefile), they could achieve arbitrary command execution when the agent attempts to run tests.