prompt-architect
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill's primary function is to ingest, analyze, and transform untrusted user prompts (documented in
SKILL.mdandscripts/prompt_evaluator.py). It lacks explicit boundary markers or directives to the agent to treat input as untrusted data, which could lead to the agent following instructions embedded within the user's prompt during the refinement process. - Ingestion points: User-provided text enters the agent context through the 'Initial Assessment' and 'Apply Framework' phases.
- Boundary markers: Absent; no delimiters or 'ignore embedded instructions' warnings are provided to the agent.
- Capability inventory: The skill utilizes local string manipulation scripts (
scripts/framework_analyzer.pyandscripts/prompt_evaluator.py) and does not possess high-risk capabilities like network access or shell execution. - Sanitization: No input sanitization or validation is performed on the user prompts.
Audit Metadata