migrate-to-promptscript
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes content from various local instruction files which could contain adversarial prompts.\n
- Ingestion points: Uses the Read tool to ingest content from files like .cursorrules, CLAUDE.md, and .ai/instructions.md during the discovery and analysis steps.\n
- Boundary markers: Lacks explicit delimiters or instructions to the agent to distinguish between its own logic and the instructions contained within the source files.\n
- Capability inventory: The skill utilizes Bash, Write, Read, Glob, and Grep tools, providing a broad capability set if the agent is influenced by source content.\n
- Sanitization: No sanitization or validation of the source file content is performed before it is mapped to the new PromptScript blocks.\n- [COMMAND_EXECUTION]: The skill uses the Bash tool to execute CLI validation and compilation commands.\n
- In Step 7, the skill executes prs validate and prs compile to check the generated output.\n
- These tools are vendor-specific utilities (PromptScript) provided by the author to support the migration workflow.
Audit Metadata