enhance-agent-prompts
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill is designed to ingest and parse external agent prompt files (`.md`) from paths such as `~/.claude/agents/`. This constitutes an ingestion point for untrusted data. However, the skill's primary function is static analysis and formatting, which poses minimal risk of accidental instruction execution.
  - Ingestion points: Workflow: Parse; Agent File Locations: `~/.claude/agents/*.md`, `.claude/agents/*.md`, etc.
  - Boundary markers: Absent.
  - Capability inventory: File read/glob (implied by Discovery/Parse) and potential file write (implied by Auto-Fixes).
  - Sanitization: Absent.
- [Data Exposure] (SAFE): While the skill references configuration directories in the user's home folder (e.g., `~/.claude/`), these are standard locations for agent settings. No evidence of credential access (e.g., SSH keys, API tokens) or external data exfiltration was found.
- [Command Execution] (SAFE): The skill contains a small JavaScript snippet for argument parsing, but it does not invoke shell commands, subprocesses, or dynamic code execution typical of malicious skills.
Audit Metadata