improve-prompt

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses local shell commands to gather project metadata.
    • Evidence: SKILL.md and references/project-research-playbook.md define workflows using find, cat, grep, git log, and python3 -c.
    • Context: These commands are used to discover technology stacks and file structures, which is aligned with the skill's stated goal.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) due to the ingestion of untrusted local files.
    • Ingestion points: Project documentation and configuration files such as README.md, package.json, and git history are read in SKILL.md and the research playbook.
    • Boundary markers: The skill does not implement delimiters or safety instructions to prevent the agent from following directions embedded within these files.
    • Capability inventory: The skill possesses file-reading and prompt-generation capabilities across its main logic and reference files.
    • Sanitization: There is no evidence of data sanitization or filtering applied to file contents before they are included in the generated prompt output.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 28, 2026, 04:29 PM