prompt-improver

Pass

Audited by Gen Agent Trust Hub on May 10, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from user prompts and external web sources which then influences the agent's research and execution logic without explicit boundary markers or sanitization.
    • Ingestion points: User prompts (defined in SKILL.md) and external web content fetched via WebFetch/WebSearch (defined in references/research-strategies.md).
    • Boundary markers: The instructions lack explicit delimiters or instructions to ignore embedded commands within the processed data.
    • Capability inventory: The skill utilizes powerful tools including Bash, Grep, Glob, Read, WebFetch, WebSearch, and AskUserQuestion.
    • Sanitization: There is no evidence of input validation or escaping for the data ingested from external sources or user prompts before it is used to guide the agent's logic.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 10, 2026, 03:14 AM