when-optimizing-prompts-use-prompt-optimization-analyzer

Warn

Audited by Gen Agent Trust Hub on Jun 26, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill uses npx to download the claude-flow@alpha package from the npm registry during execution in multiple phases.
  • Evidence found in SKILL.md and PROCESS.md across Phase 1, Phase 4, and Integration sections.
  • [REMOTE_CODE_EXECUTION]: The skill executes arbitrary code from an unverified external source at runtime.
  • Uses npx claude-flow@alpha hooks pre-task and npx claude-flow@alpha memory store to manage execution flow and state.
  • The use of an @alpha tag points to unstable or unverified versions of code being executed directly in the shell environment.
  • [COMMAND_EXECUTION]: The skill invokes shell commands using npx to interact with a task-runner/agent-framework.
  • Command patterns include: npx claude-flow@alpha hooks pre-task, npx claude-flow@alpha memory store, and npx claude-flow@alpha memory retrieve.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to the way it processes external data.
  • Ingestion points: User-provided prompt text is passed directly to analysis scripts and agents (SKILL.md, README.md).
  • Boundary markers: None. The skill does not use delimiters or instructions to ignore embedded commands within the prompt being analyzed.
  • Capability inventory: The skill has shell execution access (npx) and spawns sub-agents (code-analyzer, researcher) to process the data.
  • Sanitization: No validation or sanitization of the input prompt text is performed before it is analyzed by the embedded JavaScript functions or the external agents.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 26, 2026, 03:21 AM
Security Audit — agent-trust-hub — when-optimizing-prompts-use-prompt-optimization-analyzer