skills/dnyoussef/ai-chrome-extension/when-optimizing-prompts-use-prompt-architect/Gen Agent Trust Hub
when-optimizing-prompts-use-prompt-architect
Warn
Audited by Gen Agent Trust Hub on Jun 26, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the
claude-flow@alphapackage, which is executed vianpx. This involves downloading and running code from the NPM registry, introducing a dependency on a third-party tool not maintained by a recognized trusted organization. - [COMMAND_EXECUTION]: The provided bash script templates in Phases 2 and 4 use command substitution
$(cat $INPUT_PROMPT)to pass file contents as arguments. If the input file contains shell metacharacters (e.g., backticks,$(), or semicolons), it could lead to arbitrary command execution in the shell environment where the script is run. - [PROMPT_INJECTION]: The skill functions by ingesting untrusted prompt data from external files for optimization. This creates an indirect prompt injection surface, as the agent may inadvertently follow instructions embedded within the target prompt during analysis or testing phases. The skill lacks explicit sanitization or the use of clear boundary markers for this untrusted input.
Audit Metadata