prompt-engineering-patterns
Pass
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [Prompt Injection] (LOW): The skill provides a surface for indirect prompt injection through its templating system. Evidence:
  1. Ingestion points: Templates in assets/prompt-template-library.md and the formatting logic in scripts/optimize-prompt.py incorporate user-provided variables into LLM prompts.
  2. Boundary markers: The documentation recommends a specific instruction hierarchy to separate data from instructions, but the utility scripts do not enforce strict delimiters or escaping.
  3. Capability inventory: The skill is limited to LLM completions and local file writing for benchmark results; no high-risk capabilities like shell command execution were identified.
  4. Sanitization: No input sanitization is performed by the scripts, although the templates advise users to incorporate validation in their own implementations.
Audit Metadata