advanced-prompting
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill includes the 'Nuclear Option' in 'references/reset-prompts.md' using the phrase 'Forget everything we've discussed', which is a known prompt injection pattern for resetting agent context and potentially bypassing previous instructions.
- [PROMPT_INJECTION]: The skill creates an indirect prompt injection vulnerability surface (Category 8) as its primary function is to ingest and analyze untrusted external code and diffs.
  1. Ingestion points: External code and PR diffs are processed via the 'Grill me' and 'Prove it' prompts in 'references/challenge-prompts.md'.
  2. Boundary markers: No boundary markers or delimiters are used to separate user-provided code from instructions.
  3. Capability inventory: The agent has access to 'Bash', 'Write', 'Edit', and 'Read' tools.
  4. Sanitization: No sanitization or safety checks are performed on the ingested code snippets before they are analyzed or used in command execution examples.
- [COMMAND_EXECUTION]: The skill encourages the use of the 'Bash' tool to execute shell commands such as 'npm test' in 'references/verification-prompts.md' to verify changes, which presents a risk if the code being tested is untrusted and contains malicious lifecycle scripts or test cases.
Audit Metadata