skill-optimizer-yashu
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill requires the agent to execute Python scripts (
scripts/analyze.pyandscripts/optimize.py) to analyze and transform skill documents. - [PROMPT_INJECTION]: The skill is vulnerable to Indirect Prompt Injection (Category 8) because it processes untrusted Markdown and YAML data from external skill directories.
- Ingestion points: The scripts read the content of
SKILL.mdand documentation files within thereferences/folder of the skill being analyzed. - Boundary markers: No explicit delimiters are used to separate the analyzed file content from the agent's internal instructions.
- Capability inventory: The skill performs file system operations including reading files, writing optimized documents, and deleting temporary JSON reports.
- Sanitization: Input content is analyzed using regex and YAML parsing without sanitization or filtering for embedded prompt instructions.
- [COMMAND_EXECUTION]: The
analyze.pyscript includes logic to automatically delete files in the system's temporary directory matching a specific filename prefix.
Audit Metadata