review-skill-improver
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOW
PROMPT_INJECTION
Full Analysis
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill ingests untrusted feedback logs (CSV/structured formats) to generate 'Proposed Fix' recommendations for other skills.
- Ingestion points: Processes external feedback data provided as input.
- Boundary markers: No specific delimiters or sanitization steps are defined for handling untrusted data in the rationales.
- Capability inventory: Primarily generates markdown reports; however, it suggests future capabilities for 'Automated Skill Updates' and 'Generate PRs'.
- Sanitization: None observed. An attacker could potentially insert malicious instructions into a feedback 'rationale' field to influence the 'Proposed Fix' generated by the agent.