refine-skill-design

Pass

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill ingests untrusted skill drafts which may contain embedded instructions designed to influence the agent's behavior during the refinement process.
      • Ingestion points: SKILL.md content provided as a document-artifact input.
      • Boundary markers: Absent. The instructions do not define clear delimiters or escaping mechanisms to separate the untrusted draft content from the agent's operational instructions.
      • Capability inventory: The skill is designed to perform file-write operations, specifically modifying or overwriting SKILL.md files.
      • Sanitization: Absent. The process requires semantic interpretation of the input to perform refactoring, making traditional sanitization difficult.
  • [COMMAND_EXECUTION]: The skill instructions explicitly authorize the agent to modify the local filesystem. Specifically, the 'Direct Overwrite' policy (set as the default behavior in the SKILL.md 'Output Persistence' section) allows the agent to replace existing instruction files with new content derived from its analysis of the input.
Audit Metadata
Risk Level: SAFE
Analyzed: May 9, 2026, 11:15 AM