evaluator-optimizer
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: Comprehensive analysis of the skill's logic and referenced criteria found no evidence of malicious behavior, data exfiltration, or unauthorized command execution. The skill operates as a high-level instructional loop for quality improvement.\n- [INDIRECT_PROMPT_INJECTION]: The skill processes external artifacts (code, documentation, designs) which provides a surface for indirect prompt injection. However, this is inherent to its refinement purpose and is mitigated by the inclusion of a security-focused evaluation rubric.\n
- Ingestion points: External artifacts provided to the refinement loop (Step 1 in SKILL.md).\n
- Boundary markers: None explicitly defined in the prompt instructions.\n
- Capability inventory: Limited to text and code refinement; no tool execution or network access is requested in the skill configuration.\n
- Sanitization: Not present, but risks are addressed through a specific security review phase within the workflow that checks for common vulnerabilities.
Audit Metadata