stylekit-style-prompts
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFE
COMMAND_EXECUTION
PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill relies on local script orchestration through the use of subprocesses. Scripts such as `run_pipeline.py`, `benchmark_pipeline.py`, and `ci_regression_gate.sh` execute other local Python and shell scripts to automate the prompt engineering workflow.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8). It ingests untrusted user queries and structured reference data (JSON or files) which are then interpolated into complex prompts for downstream coding assistants.
  - Ingestion points: `scripts/generate_brief.py` (via `--query`, `--reference-file`, and `--reference-json` arguments).
  - Boundary markers: The generated prompts use descriptive headers but lack strict delimiters to isolate user-provided data from system instructions.
  - Capability inventory: The skill can execute local Python scripts and shell commands via `subprocess.run` as part of its pipeline.
  - Sanitization: The scripts perform tokenization and regex-based filtering for style matching but do not specifically sanitize inputs for prompt injection attack patterns.
Audit Metadata