enhance-agent-prompts
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it is designed to ingest and process external markdown data from agent prompt files.
- Ingestion points: The agent is instructed to find and read .md files from paths such as
~/.claude/agents/*.md,~/.config/opencode/agents/*.md, and.codex/skills/. - Boundary markers: The instructions do not define clear boundaries or provide directives for the agent to ignore instructions embedded within the data it is analyzing.
- Capability inventory: The skill's workflow includes file discovery, reading, and a "Fix" mechanism that involves writing or editing files on the local filesystem.
- Sanitization: There is no mention of sanitizing, escaping, or validating the content of the analyzed files before they are processed or modified.
Audit Metadata