Skills
skills/zhuxining/harness/code-simplifier/Gen Agent Trust Hub

code-simplifier

Pass

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill creates a surface for indirect prompt injection by processing external data.
  • Ingestion points: The agent is instructed to analyze and refine "recently modified code" (SKILL.md).
  • Boundary markers: There are no instructions to use delimiters or explicit "ignore embedded instructions" warnings for the code being simplified.
  • Capability inventory: The skill contains no scripts, but the agent is tasked with modifying files and applying refinements autonomously.
  • Sanitization: No sanitization or input validation is specified for the code being processed.
  • [PROMPT_INJECTION]: The skill instructs the agent to "operate autonomously and proactively... without requiring explicit requests." This autonomy reduces user oversight, which can be a risk if the agent inadvertently follows malicious instructions hidden in the code it is simplifying.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 9, 2026, 07:24 AM
Security Audit — agent-trust-hub — code-simplifier