prompt-optimizer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION] (LOW): The skill workflow facilitates indirect prompt injection by ingesting raw user prompts for optimization without establishing clear security boundaries.\n
- Ingestion points: User input is received in
SKILL.md(Step 1) for analysis and transformation.\n - Boundary markers: Absent. The skill does not employ delimiters (e.g., XML tags or triple quotes) to separate untrusted user content from the system instructions.\n
- Capability inventory: The agent can generate and iteratively refine complex prompts, which could be exploited to bypass safety filters if malicious instructions are successfully injected.\n
- Sanitization: The process relies on manual clarification (Step 4) but lacks specific instructions to identify or strip embedded commands from user-provided text.\n- [NO_CODE] (SAFE): The skill is composed entirely of Markdown documentation and reference files (59 files total). No executable scripts, binaries, or package manifests were found.
Audit Metadata