prompt-optimizer
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE PROMPT_INJECTION COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The `references/prompt-techniques.md` file contains a library of templates using instructional language (e.g., 'Ignore', 'You are an expert', 'Do NOT') to guide AI output. These are legitimate prompt engineering patterns rather than malicious bypass attempts, as they are part of the skill's documented optimization purpose.
- [COMMAND_EXECUTION]: The `scripts/test.js` file uses `child_process.execSync` to run the skill's main script during testing. This usage is restricted to local execution of known scripts with hardcoded parameters and does not involve untrusted input.
- [INDIRECT_PROMPT_INJECTION]: The skill provides an attack surface for indirect prompt injection through its core template interpolation logic.
  - Ingestion points: User-provided prompts are ingested via command-line arguments in `index.js`.
  - Boundary markers: The script does not utilize delimiters or 'ignore embedded instructions' warnings when merging user text into templates.
  - Capability inventory: The skill's capabilities are limited to reading local reference files and performing string manipulation; it does not execute the generated prompts.
  - Sanitization: There is no escaping or validation performed on the input string before it is placed into a `[Task]` or `[Complex Task]` placeholder.
Audit Metadata