enhance-prompts
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill runs a local JavaScript tool located at 'lib/enhance/prompt-analyzer.js' using the node environment. This is the intended mechanism for the skill to perform its analysis and does not involve external command sources.
- [PROMPT_INJECTION]: The skill processes content from local files which serves as an ingestion point for potentially untrusted data. This surface is noted as a risk for indirect prompt injection, although the skill's primary function is static analysis. 1. Ingestion points: Files at the specified path argument. 2. Boundary markers: None identified in the workflow description. 3. Capability inventory: Local script execution via node. 4. Sanitization: No explicit sanitization or filtering of input file content is described.
Audit Metadata