writing-agent-prompts

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill is entirely informational and instructional, providing best practices for developers using Claude Code agents. No malicious behavior or security vulnerabilities were identified.
  • [COMMAND_EXECUTION]: The documentation includes instructions on using the official !command feature to inject live data (such as directory listings or file contents) into agent prompts. The examples provided, such as ls, cat, and gh pr diff, are standard developer utilities used for context gathering and do not present a security risk within this instructional context.
  • [PROMPT_INJECTION]: The skill describes techniques for writing effective instructions, such as using 'pushy' language to ensure skill invocation and using 'DO NOT' blocks to prevent task drift. These are legitimate prompt engineering strategies used to improve agent accuracy and adherence to constraints, rather than attempts to bypass security filters or subvert the model's core safety guidelines.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 3, 2026, 09:08 AM