enhance-prompt

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFE [PROMPT_INJECTION] [EXTERNAL_DOWNLOADS]
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through the ingestion of external project files.
    • Ingestion points: The skill reads the DESIGN.md file in SKILL.md to extract design system context and tokens.
    • Boundary markers: The extracted content is placed under a structured header, but the instructions do not explicitly command the agent to ignore or isolate instructions that may be embedded within the project file.
    • Capability inventory: The skill has access to Read and Write tools to manage design documentation and generate output prompts.
    • Sanitization: No specific sanitization or schema validation is performed on the content read from the DESIGN.md file.
  • [EXTERNAL_DOWNLOADS]: The skill references up-to-date prompting guidelines from Google's official documentation at stitch.withgoogle.com, which is a well-known and trusted service.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 27, 2026, 11:51 PM