prompt-helper
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists of a comprehensive set of Markdown-based guidelines for prompt design and auditing. It does not contain any executable code, scripts, or binary files.
- [DATA_EXPOSURE]: Analysis confirms the skill only references its own internal documentation files within the
${SKILL_DIR}/docs/directory. There are no attempts to access sensitive system files, environment variables, or hardcoded credentials. - [PROMPT_INJECTION]: The skill's instructions define specific roles for auditing and diagnosis. These are functional role assignments rather than malicious overrides or bypass attempts.
- [PROMPT_INJECTION]: The skill analyzes user-provided prompt text, creating an indirect prompt injection surface. Ingestion points: docs/workflow-audit.md and docs/workflow-diagnose.md. Boundary markers: Functional instructions to treat the target prompt as data for analysis. Capability inventory: Accessing internal documentation and generating reports. Sanitization: Not present, but the skill lacks dangerous tools to exploit potential injections.
Audit Metadata