evaluate-improve
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE (PROMPT_INJECTION)
Full Analysis
- [PROMPT_INJECTION]: The skill processes data from evaluation benchmarks (benchmark.json) which may contain untrusted content. This content is analyzed by a subagent to generate modifications for the skill's instructions or description.
  - Ingestion points: Reads evaluation results from `<plugin-name>/skills/<skill-name>/eval-results/benchmark.json` in Step 1.
  - Boundary markers: The instructions do not define clear delimiters or include warnings for the subagent to ignore instructions embedded within the benchmark data.
  - Capability inventory: The skill has the ability to modify local files using the `Edit` and `Write` tools, and can execute specific shell commands via `Bash`.
  - Sanitization: No sanitization or validation of the benchmark JSON content is performed before it is passed to the analysis subagent.
Audit Metadata