create-meta-prompts
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Prompt Injection (LOW): This skill enables multi-step workflows that chain AI outputs, creating a surface for Indirect Prompt Injection. 1. Ingestion points: The skill reads user descriptions and content from existing files in the .prompts/ directory to generate new prompts. 2. Boundary markers: It uses XML tags such as and to wrap external data, which provides structure but does not act as a security boundary against adversarial instructions. 3. Capability inventory: The prompt templates (e.g., do-patterns.md) suggest that the agent can perform file writes and run terminal commands such as npm test and npx tsc for verification. 4. Sanitization: There is no evidence of sanitization or filtering of the text retrieved from referenced files before it is interpolated into new prompts.
Audit Metadata