prompt-engineering

Pass

Audited by Gen Agent Trust Hub on Jun 12, 2026

Risk Level: SAFE, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill serves as an educational resource, providing best practices and structured templates for interacting with various AI models.
  • [COMMAND_EXECUTION]: The skill utilizes the belt CLI tool to run examples. Access to this tool is restricted via the allowed-tools configuration in the frontmatter, ensuring it only runs specific authorized commands.
  • [EXTERNAL_DOWNLOADS]: The skill references external resources and installation guides from the inference.sh platform's GitHub repository. These references are associated with the official infrastructure of the service being documented.
  • [PROMPT_INJECTION]: The skill contains templates that interpolate potentially untrusted data into prompts, which is an inherent feature of prompt engineering tools.
    • Ingestion points: Placeholders in SKILL.md such as [article text], [code], and [previous output] are designed to receive external data.
    • Boundary markers: Boundary markers (like delimiters) are largely absent in the raw templates, though some examples use markdown blocks.
    • Capability inventory: The skill uses belt app run to transmit this interpolated data to remote AI models via API.
    • Sanitization: No explicit sanitization or escaping logic is included in the instructions for these templates.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 12, 2026, 10:26 PM