automatic-stateful-prompt-improver
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill automatically intercepts user requests and processes them through an external optimizer tool to generate new instructions. This creates a surface where a user could provide a prompt designed to manipulate the optimization process or the resulting instruction set.
- Ingestion points: User requests intercepted as defined in the 'Auto-Optimization Process' section of SKILL.md.
- Boundary markers: Absent; user input is interpolated directly into tool calls (e.g., prompt: [user's original request]) without delimiters or instructions to ignore embedded commands.
- Capability inventory: The skill relies on MCP tools for prompt optimization, performance tracking, and sequential reasoning.
- Sanitization: No sanitization or validation of the ingested user input is specified in the prompt logic.
Audit Metadata