prompt-analyze
Pass
Audited by Gen Agent Trust Hub on Jun 26, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- File System Operations: The skill is designed to write logs and analysis reports to the .copilot-tracking/reviews/logs/ directory. While it performs file writes, the skill explicitly enforces a read-only constraint on the artifacts it analyzes, preventing unauthorized modifications to existing code or documentation.
- Indirect Prompt Injection (Surface): As this skill processes and evaluates existing prompt artifacts, it is exposed to potential instructions embedded within the analyzed data.
  - Ingestion points: Data enters the context via the promptFiles input or currently open files in the workspace.
  - Boundary markers: The skill uses a 'sandbox contract' and specific subagent dispatching (Prompt Tester/Evaluator) to isolate the execution of these prompts.
  - Capability inventory: The skill can write files and execute prompts within a defined sandbox folder using subagents.
  - Sanitization: The skill relies on standard platform isolation and a specific dispatch matrix to mitigate the impact of malicious instructions within the evaluated content.
- Subagent Dispatch: The skill interacts with external 'subagents' (Prompt Tester and Prompt Evaluator) to perform its core tasks. This behavior is documented as part of the orchestration flow and is used to maintain a consistent evaluation environment.
Audit Metadata