octocode-prompt-optimizer
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill requests access to standard file-system tools (e.g., ReadFile, StrReplace, ApplyPatch) to perform its optimization tasks. These are scoped strictly to the prompt optimization workflow and include explicit restrictions against unauthorized system modifications.
- [PROMPT_INJECTION]: The skill processes user-provided prompts, which constitutes an indirect prompt injection surface. However, this is mitigated by a mandatory 6-step flow (READ → UNDERSTAND → RATE → FIX → VALIDATE → OUTPUT) and a 'Triple Lock' pattern that forbids altering the original logic or intent without explicit user approval.
- [DATA_EXFILTRATION]: No network operations to non-whitelisted or suspicious domains were found. The skill operates on local prompt files for the purpose of optimization only.
- [EXTERNAL_DOWNLOADS]: No external dependencies, package installations, or remote script fetches were detected.
- [DATA_EXPOSURE]: The skill includes a detailed 'VALIDATE' gate that checks for logical consistency, referential clarity, and intent preservation, serving as a sanitization layer for the data it processes.
Audit Metadata