enhance-prompt

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill references best practice guidelines from the official Stitch documentation at https://stitch.withgoogle.com/docs/learn/prompting/.
  • [PROMPT_INJECTION]: The skill architecture includes an indirect prompt injection surface where it reads and incorporates content from a local DESIGN.md file into its prompt generation logic.
      • Ingestion points: Local DESIGN.md file (referenced in SKILL.md Step 2).
      • Boundary markers: No explicit delimiters or instructions to disregard embedded instructions within the file content were identified.
      • Capability inventory: The skill uses Read and Write tools to extract context and save the resulting enhanced prompts to the file system.
      • Sanitization: No input validation or sanitization of the DESIGN.md content is performed before interpolation into the agent's output.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 5, 2026, 09:05 AM