experiment-design
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill defines several prompt templates that interpolate potentially untrusted data into the agent's context, which could lead to indirect prompt injection if the source data is malicious.
  - Ingestion points: Data enters the system via the `--plan` argument in `design_experiments.py` and through placeholders like `{results_json}`, `{results}`, and `{hyperparameters}` in `references/stage-prompts.md`.
  - Boundary markers: The prompt templates lack clear delimiters or instructions for the agent to ignore any embedded commands within the interpolated data.
  - Capability inventory: The skill includes a Python script (`design_experiments.py`) capable of reading and writing local files to generate experiment designs.
  - Sanitization: No evidence of sanitization or validation of the input strings before they are formatted into Markdown or JSON outputs was found in the script.
Audit Metadata