prompt-lab
Pass
Audited by Gen Agent Trust Hub on May 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues were identified during the analysis of the skill. All instructions and reference materials focus on prompt engineering best practices and educational content.
- [PROMPT_INJECTION]: The skill exhibits an inherent attack surface for indirect prompt injection as its core function is to analyze and refine user-provided prompts. However, this is not classified as a security threat given the context of prompt design. \n
- Ingestion points: Processes user-supplied existing prompts or task descriptions for analysis and variant generation (SKILL.md). \n
- Boundary markers: Relies on clear markdown structural headers and defined task phases to delimit user data from instruction logic. \n
- Capability inventory: The skill provides text-based engineering guidelines and lacks any capabilities for code execution, system modifications, or network communication. \n
- Sanitization: No automated sanitization of the user-provided prompt content is performed; the skill operates purely on the provided text to generate engineering outputs.
Audit Metadata