empirical-prompt-tuning

Pass

Audited by Gen Agent Trust Hub on Apr 27, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is designed to ingest and execute external prompts via subagents, creating an indirect prompt injection surface.
  • Ingestion points: The skill reads a 'Target prompt' and scenario descriptions from the environment or user input, as specified in the 'Workflow' and 'Subagent invocation contract' sections of SKILL.md and SKILL-ja.md.
  • Boundary markers: The instructions use Markdown headers (e.g., ## Target prompt, ## Scenario) to delimit external content, which provides some structural separation but does not prevent intentional injection.
  • Capability inventory: The skill uses the Task tool to dispatch autonomous subagents and involves file-system operations to apply prompt 'diffs' (Workflow Step 5).
  • Sanitization: There is no evidence of automated sanitization, filtering, or validation of the input prompt content before it is passed to the subagent.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 27, 2026, 01:00 AM