meta-prompting
Pass
Audited by Gen Agent Trust Hub on May 10, 2026
Risk Level: SAFE COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local Python script (scripts/copy-to-clipboard.py) which invokes the pbcopy system utility. This is the intended behavior of the skill to provide clipboard integration on macOS systems.
- [COMMAND_EXECUTION]: The workflow instructions in SKILL.md employ a quoted heredoc (<<'__meta-prompting-skill_EOF__') when passing the generated prompt to the script. This is a robust security measure that prevents the shell from interpreting special characters (like backticks or dollar signs) that might be present in the AI-generated text, effectively mitigating command injection risks.
- [INDIRECT_PROMPT_INJECTION]: The skill acts on untrusted user-provided draft prompts.
  - Ingestion points: User input is processed and refined into a new prompt.
  - Boundary markers: The skill instructions specify wrapping the output in a unique quoted heredoc sentinel (__meta-prompting-skill_EOF__).
  - Capability inventory: The skill can execute shell commands to run the local clipboard script.
  - Sanitization: The use of quoted heredoc syntax prevents the agent's shell from executing any code contained within the refined prompt string.
Audit Metadata