meta-prompting

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill does not contain malicious code, remote exfiltration patterns, or unauthorized credential access. It references local framework components (e.g., meta_prompting_engine) and follows expected development practices for agentic workflows.- [PROMPT_INJECTION]: The skill ingests untrusted data (tasks and previous outputs) as part of its recursive logic, creating an indirect prompt injection surface. 1. Ingestion points: {task}, {previous_context}, and {agent_output} variables across SKILL.md files. 2. Boundary markers: The framework uses XML-like tags and markdown headers to structure data, which helps the model distinguish content but does not act as a definitive security boundary. 3. Capability inventory: Recursive LLM orchestration and local file management in the .prompts/ directory via the referenced engine. 4. Sanitization: While the skill uses structured output to guide the LLM, it does not implement explicit input sanitization for interpolated prompt variables.
Audit Metadata
Risk Level
SAFE
Analyzed
May 19, 2026, 11:30 AM
Security Audit — agent-trust-hub — meta-prompting