senior-prompt-engineer

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH (PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
  • [PROMPT_INJECTION] (HIGH): The skill exhibits a significant Indirect Prompt Injection surface by processing external content while maintaining high-privilege orchestration capabilities.
      • Ingestion points: The prompt_optimizer.py tool processes the data/ directory, and rag_evaluator.py processes the project/ directory.
      • Boundary markers: Absent. There are no delimiters or instructions provided to the agent to ignore embedded commands in the data being processed.
      • Capability inventory: The agent_orchestrator.py script includes a --deploy flag, and the skill documentation encourages the use of kubectl, helm, and docker for infrastructure management.
      • Sanitization: Absent. No evidence of input filtering or instruction-scrubbing logic is mentioned for the processed data.
  • [COMMAND_EXECUTION] (MEDIUM): The skill documentation facilitates the execution of several local Python scripts and system-level commands.
      • Evidence: The Quick Start and Common Commands sections provide patterns for running scripts like agent_orchestrator.py and utilizing infrastructure tools (docker, kubectl, helm), which grants the agent significant control over the local system and cloud environments if subverted.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 17, 2026, 12:21 PM