skill-optimizer
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFE
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill inherently processes content from other skills as its primary function, which creates an indirect prompt injection surface. If a target skill contains malicious instructions designed to subvert the optimization process, the agent could potentially be influenced. However, this is mitigated by the explicit 'Plan' and 'Confirmation' steps (Step 3 and 4 in SKILL.md) which require user review before any changes are implemented.
- Ingestion points: Step 2 in
SKILL.mdreads the target skill'sSKILL.md,references/,scripts/, andassets/. - Boundary markers: The skill uses a structured 'Optimization Progress' checklist and specific template formats for review conclusions, acting as functional delimiters.
- Capability inventory: The agent has file-read and file-write capabilities used to modify the target skill's directory.
- Sanitization: The skill relies on human verification of the proposed 'Optimization Plan' before executing modifications.
Audit Metadata