prompt-optimization
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHPROMPT_INJECTIONNO_CODE
Full Analysis
- [Indirect Prompt Injection] (HIGH): The skill provides a significant attack surface by combining untrusted input with side-effect capabilities. (1) Ingestion points: Prompts provided for analysis via the Read tool. (2) Boundary markers: No delimiters or instructions to ignore embedded commands are present. (3) Capability inventory: The skill includes Write and Edit permissions for file system modification. (4) Sanitization: No sanitization or validation of the input content is implemented.
- [NO_CODE] (INFO): The skill consists entirely of instructional Markdown and contains no executable Python, Node.js, or shell scripts.
- [Prompt Injection] (SAFE): Instructional patterns such as 'CRITICAL' and 'ZERO TOLERANCE' are used exclusively within educational examples and do not attempt to bypass the agent's core safety guidelines.
Recommendations
- AI detected serious security threats
Audit Metadata