prompt-engineer
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill processes untrusted user input when reviewing or optimizing prompts. Ingestion point: User requests to write or review prompts in Step 1. Boundary markers: Absent; the skill does not use delimiters to wrap user content. Capability inventory: Limited to reasoning and generating markdown files. Sanitization: Absent. While an attacker could provide a prompt containing malicious instructions, the skill's lack of network access or code execution capabilities limits the risk to text manipulation.
- SAFE (SAFE): No evidence of hardcoded credentials, malicious obfuscation, remote code execution, or unauthorized data exfiltration was found. The skill operates locally on text inputs.
Audit Metadata