prompt-optimizer
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill is primarily instructional and analytical, providing a library of prompt engineering techniques and a quality framework. No obfuscation, persistence mechanisms, or unauthorized privilege escalation attempts were detected.
- [COMMAND_EXECUTION]: The skill workflow involves executing local Python scripts (scripts/evaluate.py and scripts/optimize.py) to automate prompt analysis. These scripts are internal to the skill and do not perform remote downloads or arbitrary command execution based on untrusted network data.
- [PROMPT_INJECTION]: The skill processes untrusted user prompts as input for its optimization engine, creating a surface for indirect prompt injection. Mandatory evidence chain:
  1) Ingestion points: User-provided prompt strings are passed into the evaluation and optimization workflow.
  2) Boundary markers: The documentation examples illustrate the use of quoted strings for CLI arguments, but no explicit sanitization is mandated.
  3) Capability inventory: The skill logic includes executing local Python scripts which process these inputs.
  4) Sanitization: The provided files do not specify explicit sanitization or filtering logic for the input strings.
  Despite this surface, the risk remains low as the skill's purpose is analytical and it does not have high-privilege capabilities.
Audit Metadata