enhance-prompt
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill documentation provides instructions for installing the tool from a trusted organization's repository (google-labs-code).
- [COMMAND_EXECUTION]: The README includes a command-line installation step using 'npx' to globally add the skill to the environment.
- [PROMPT_INJECTION]: The skill is subject to indirect prompt injection because it incorporates untrusted content from user input and local project files into its prompt enhancement pipeline.
- Ingestion points: The skill reads user-provided prompts and the contents of a 'DESIGN.md' file from the local project directory (documented in SKILL.md Step 2).
- Boundary markers: It employs markdown structure, such as bold headers (e.g., 'DESIGN SYSTEM (REQUIRED)') and code blocks, to organize the interpolated data.
- Capability inventory: The skill is granted 'Read' and 'Write' tool access, allowing it to read 'DESIGN.md' and write outputs to files like 'next-prompt.md' or other user-specified paths.
- Sanitization: No explicit sanitization, filtering, or instruction-disregard logic is implemented to handle potentially malicious content within the source files or user prompts.
Audit Metadata