empirical-prompt-tuning

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs users to initialize their evaluation environment by running a local shell script via the command bash scripts/eval-skill.sh init <skill-name>.
  • [EXTERNAL_DOWNLOADS]: The documentation suggests an optional installation of an upstream skill version from a GitHub repository using the command apm install -g mizchi/skills/empirical-prompt-tuning.
  • [PROMPT_INJECTION]: (Indirect) The skill establishes an attack surface where potentially untrusted data from scenario files is processed by subagents during the evaluation loop. * Ingestion points: Scenario prompts are loaded from the local file system at evals/<skill-name>/scenarios.yaml. * Boundary markers: No explicit delimiters or system instructions are defined to protect subagents from potentially malicious content embedded within the scenario prompts. * Capability inventory: The subagents are executed using the Task tool with the general-purpose configuration, which grants them standard agent tools and capabilities. * Sanitization: The workflow does not include steps for sanitizing or validating the scenario prompt content before it is passed to the subagent.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 11:35 AM
Security Audit — agent-trust-hub — empirical-prompt-tuning