meta-prompting
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill does not contain malicious code, remote exfiltration patterns, or unauthorized credential access. It references local framework components (e.g., meta_prompting_engine) and follows expected development practices for agentic workflows.- [PROMPT_INJECTION]: The skill ingests untrusted data (tasks and previous outputs) as part of its recursive logic, creating an indirect prompt injection surface. 1. Ingestion points: {task}, {previous_context}, and {agent_output} variables across SKILL.md files. 2. Boundary markers: The framework uses XML-like tags and markdown headers to structure data, which helps the model distinguish content but does not act as a definitive security boundary. 3. Capability inventory: Recursive LLM orchestration and local file management in the .prompts/ directory via the referenced engine. 4. Sanitization: While the skill uses structured output to guide the LLM, it does not implement explicit input sanitization for interpolated prompt variables.
Audit Metadata