generate-prompt
Pass
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns, such as hardcoded credentials, data exfiltration, or persistence mechanisms, were found. The skill operates within its intended scope of generating text-based prompt templates.
- [COMMAND_EXECUTION]: The skill instructs the agent to use standard shell commands (`cat`, `head`, `grep`) for internal operations. `cat` is used to read reference files provided in the skill package, while `head` and `grep` are used in Step 7 to validate the syntax and structure of the generated template files.
- [PROMPT_INJECTION]: The skill processes user-provided task descriptions and requirements to generate templates, representing an indirect prompt injection surface. However, the risk is negligible as the output consists of static markdown files intended for human-in-the-loop usage. Evidence chain: 1. Ingestion points: User descriptions and task analysis in Steps 2-5; 2. Boundary markers: Markdown sections and headers; 3. Capability inventory: File write and standard shell command execution; 4. Sanitization: Syntax validation steps included in the skill workflow.
Audit Metadata