context-optimizer
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted conversation history, which creates a potential surface for Indirect Prompt Injection (Category 8). Maliciously crafted messages in the dialogue could attempt to influence the agent's summarization or optimization logic.
- Ingestion points: The conversation data is ingested through the 'conversation' list parameters in the detection and compression functions defined in SKILL.md.
- Boundary markers: The provided code snippets do not implement boundary delimiters or specific instructions to ignore embedded commands within the processed messages.
- Capability inventory: The skill logic includes capabilities for reading files from disk (via '_load_from_disk') and invoking LLM summarization tasks.
- Sanitization: No explicit sanitization or validation of conversation content is present to mitigate the impact of adversarial input.
Audit Metadata