workleap-skill-optimizer
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface in Phase 4 (Validation), where it processes external skill files and user-derived questions. This surface is characteristic of the skill's primary function to analyze and optimize documentation content.
- Ingestion points: Phase 4 reads the content of
SKILL.mdand files within thereferences/directory during validation. - Boundary markers: No specific delimiters or instructions to ignore embedded prompts are mentioned when passing content to the validation subagent.
- Capability inventory: The skill utilizes the
Tasktool to spawn subagents and instructions describe modifying skill metadata and body content. - Sanitization: No explicit sanitization or filtering of the input skill content is performed before it is analyzed by the agent or subagent.
Audit Metadata