enhance-prompt
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill operates locally on user-provided inputs and existing project files (e.g., DESIGN.md) without executing external code or accessing sensitive system areas.
- [EXTERNAL_DOWNLOADS]: The skill references official documentation from Google (withgoogle.com) to provide the agent with current best practices. This is a well-known service and the reference is for informational purposes.
- [DATA_EXFILTRATION]: No network exfiltration or credential harvesting patterns were found. All file operations (Read/Write) are within the scope of the intended functionality.
- [INDIRECT_PROMPT_INJECTION]: The skill incorporates external content by reading 'DESIGN.md'. While this represents a potential surface for indirect prompt injection, the instructions specifically guide the agent to format this as a structured 'DESIGN SYSTEM' block, which is standard behavior for maintaining project context and presents a low risk.
Audit Metadata