prompt-engineering

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: All command examples and tool permissions refer to 'infsh', the official CLI of the skill author 'inference-sh'.
  • [SAFE]: References to external URLs and skills point to the vendor's own verified infrastructure (inference.sh).
  • [PROMPT_INJECTION]: The skill contains templates for processing untrusted data (e.g., code snippets, articles), creating a surface for indirect prompt injection. Findings:
      1. Ingestion points: Placeholders such as [code] and [article text] in SKILL.md.
      2. Boundary markers: Examples use labels and markdown formatting to delimit content.
      3. Capability inventory: The skill utilizes the 'Bash(infsh *)' tool to send data to remote models.
      4. Sanitization: Relies on the target model's native safety guardrails.
    This behavior is standard for prompt engineering documentation.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 11, 2026, 05:20 PM