prompt-optimization
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
NO_CODE, PROMPT_INJECTION
Full Analysis
- [NO_CODE] (SAFE): The skill consists entirely of instructional markdown text. There are no associated scripts (Python, JavaScript), binaries, or configuration files that could be used to execute commands or download remote content.
- [PROMPT_INJECTION] (LOW): The skill demonstrates a vulnerability surface for indirect prompt injection (Category 8).
  1. Ingestion points: The workflow instructs the agent to 'Read the user's original prompt' (SKILL.md).
  2. Boundary markers: None are defined to separate the instructions from the user-provided data.
  3. Capability inventory: The skill has no capabilities for file writing, network access, or command execution.
  4. Sanitization: No sanitization or validation of the input prompt is specified.

  The risk is classified as LOW as the output is restricted to internal reasoning and display only.