prompt-lookup
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by design, as it fetches prompt templates from an external source and processes them.
- Ingestion points: Untrusted prompt text enters via search_prompts and get_prompt tools.
- Boundary markers: Instructions do not provide delimiters or instructions to ignore embedded commands in fetched data.
- Capability inventory: The improve_prompt tool allows the processing of retrieved external content.
- Sanitization: No content validation or escaping is implemented for the retrieved templates.
- [NO_CODE]: This skill provides instructions and tool definitions but does not contain or execute any local scripts or binaries.
Audit Metadata