prompt-optimizer
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted user-supplied draft prompts as its primary data source, which creates a surface for indirect prompt injection. Ingestion points: User draft prompt in SKILL.md (Phases 1-4). Boundary markers: Absent; user input is processed directly. Capability inventory: Restricted to reading local project manifest files in SKILL.md (Phase 0). Sanitization: Absent.
- [SAFE]: Technical analysis of the Phase 0 logic confirms that file system access is limited to standard project configuration files used for tech stack detection.
- [SAFE]: The skill does not contain executable scripts, remote downloads, or network exfiltration operations.
Audit Metadata