prompt-engineering-patterns
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill implements template systems for building LLM prompts from external data (e.g., in
references/prompt-templates.md). This creates an indirect prompt injection surface as user-controlled data is interpolated into instructions without mandatory delimiters. Ingestion points:SKILL.md,scripts/optimize-prompt.py,references/prompt-templates.md. Boundary markers: Mostly absent in implementation code; developers are expected to implement their own delimiters as per the prose descriptions. Capability inventory: Integration with Anthropic, OpenAI, and LangChain for model execution. Sanitization: No explicit sanitization or escaping logic is included in the template rendering snippets. - [EXTERNAL_DOWNLOADS]: The
references/few-shot-learning.mdguide utilizes thesentence-transformerslibrary, which automatically fetches pre-trained embeddings from Hugging Face's official repository (a well-known and trusted technology service) to perform semantic similarity calculations.
Audit Metadata