mixseek-prompt-builder
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE PROMPT_INJECTION COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill includes instructions to run local shell commands (`uv run python -c`) for TOML and Jinja2 syntax validation. This is a standard developer practice for configuration integrity.
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection Surface. The skill facilitates the creation of configuration files that include raw user input in templates consumed by other agents.
  - Ingestion points: Untrusted user input is captured in the `user_prompt` variable during the requirements gathering phase (Step 1).
  - Boundary markers: The skill relies on Markdown headers (e.g., `# タスク`) to separate instructions from data within the generated templates, which does not prevent adversarial prompt injection.
  - Capability inventory: The generated TOML files influence the behavior of Leader, Evaluator, and Judgment agents in the MixSeek ecosystem.
  - Sanitization: No sanitization, escaping, or validation logic is applied to the `user_prompt` before it is interpolated into the Jinja2 templates.
Audit Metadata