prompt-engineering
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [PROMPT_INJECTION] (SAFE): The skill provides instructions on how to engineer prompts for other tasks but does not contain commands to override the host agent's safety protocols or system instructions.
- [DATA_EXFILTRATION] (SAFE): There are no file system access commands or network requests.
- [EXTERNAL_DOWNLOADS] (SAFE): No external dependencies or remote scripts are referenced for execution.
- [COMMAND_EXECUTION] (SAFE): The skill consists of documentation and code examples for prompt templating. It does not execute arbitrary shell commands.
- [INDIRECT_PROMPT_INJECTION] (LOW): While the skill discusses methods for interpolating data into prompts (e.g., {user_code}, {retrieved_context}), these are provided as educational patterns. The skill itself does not ingest untrusted data. Developers implementing these patterns should apply proper boundary markers and sanitization as best practices.
Audit Metadata