skills/dnyoussef/ai-chrome-extension/when-optimizing-prompts-use-prompt-optimization-analyzer/Gen Agent Trust Hub
when-optimizing-prompts-use-prompt-optimization-analyzer
Warn
Audited by Gen Agent Trust Hub on Jun 26, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill uses
npxto download theclaude-flow@alphapackage from the npm registry during execution in multiple phases. - Evidence found in
SKILL.mdandPROCESS.mdacross Phase 1, Phase 4, and Integration sections. - [REMOTE_CODE_EXECUTION]: The skill executes arbitrary code from an unverified external source at runtime.
- Uses
npx claude-flow@alpha hooks pre-taskandnpx claude-flow@alpha memory storeto manage execution flow and state. - The use of an
@alphatag points to unstable or unverified versions of code being executed directly in the shell environment. - [COMMAND_EXECUTION]: The skill invokes shell commands using
npxto interact with a task-runner/agent-framework. - Command patterns include:
npx claude-flow@alpha hooks pre-task,npx claude-flow@alpha memory store, andnpx claude-flow@alpha memory retrieve. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to the way it processes external data.
- Ingestion points: User-provided prompt text is passed directly to analysis scripts and agents (
SKILL.md,README.md). - Boundary markers: None. The skill does not use delimiters or instructions to ignore embedded commands within the prompt being analyzed.
- Capability inventory: The skill has shell execution access (
npx) and spawns sub-agents (code-analyzer,researcher) to process the data. - Sanitization: No validation or sanitization of the input prompt text is performed before it is analyzed by the embedded JavaScript functions or the external agents.
Audit Metadata