prompt-generator
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill functions as a template generator and operates entirely within the text-based context of the AI model. It contains no executable scripts, system commands, or external dependencies.
- [PROMPT_INJECTION]: The skill ingests user-provided task descriptions to generate corresponding prompt templates. 1. Ingestion points: The {{TASK}} variable in the metaprompt section of SKILL.md. 2. Boundary markers: User-provided tasks are enclosed in XML tags. 3. Capability inventory: The skill has no capabilities for subprocess execution, file system modification, or network requests. 4. Sanitization: It includes logic to identify and fix 'floating variables' that are not properly demarcated. While this is an indirect prompt injection surface, it is the core functionality of the tool and uses structured markers to separate instructions from user data.
- [SAFE]: The file prompt-generator contains a directory path string (/Users/pa/.dotfiles/.claude/skills/prompt-generator/) which appears to be a local identifier for the skill's installation location and does not expose sensitive credentials or private system information.
Audit Metadata