Prompt Enhancer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION] (LOW): The skill is vulnerable to indirect prompt injection because it takes untrusted user input to generate structured technical prompts without using boundary markers or sanitization. Ingestion points: User input containing the -e flag as described in the workflow of SKILL.md. Boundary markers: Absent; no delimiters are used to wrap user input. Capability inventory: None; the skill explicitly forbids tool calls and has an empty allowed-tools list. Sanitization: Absent; no validation or escaping of input content is performed.
- [DATA_EXFILTRATION] (SAFE): No network access or sensitive file access patterns detected.
- [REMOTE_CODE_EXECUTION] (SAFE): No code execution, package installations, or remote script downloads found.
Audit Metadata