prompt-engineering-patterns

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH (PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
  • [PROMPT_INJECTION] (HIGH): Extensive Indirect Prompt Injection surface identified in the prompt template library.
    1. Ingestion points: Untrusted data is processed via placeholders such as {text}, {code}, {request}, and {schema} in assets/prompt-template-library.md and scripts/optimize-prompt.py.
    2. Boundary markers: There are no delimiters or "ignore embedded instructions" warnings to prevent user input from overriding the system prompt.
    3. Capability inventory: The templates support high-privilege operations including SQL query generation, code review, and API documentation.
    4. Sanitization: No input validation or escaping is implemented before string interpolation.
  • [COMMAND_EXECUTION] (MEDIUM): Risk of generating malicious executable content. The SQL Query Generation and Code Generation templates in assets/prompt-template-library.md are designed to produce executable code from natural language. Without strict output validation, these templates can be exploited to generate destructive queries or scripts that could be executed by the agent or a downstream system.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 06:23 AM