skill-auto-improver
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill does not contain any malicious patterns, such as prompt injection, obfuscation, or unauthorized access to sensitive data. Its behavior is consistent with its stated purpose of skill optimization.
- [PROMPT_INJECTION]: As an analysis tool that reads other skill files (SKILL.md and references), there is an inherent surface for indirect prompt injection. If the skill being analyzed contains malicious instructions, the agent could potentially be influenced. However, the skill mitigates this by following a strict internal workflow and requiring explicit user approval of all changes in Step 6 before any files are modified.
- [COMMAND_EXECUTION]: The skill performs file system write operations to apply improvements and generate reports (Step 7 and Step 9). These operations are the primary intent of the skill and are restricted to the skill's own directory and a report file, with modifications only occurring after a user-reviewed planning phase.
Audit Metadata