empirical-prompt-tuning
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs users to initialize their evaluation environment by running a local shell script via the command
bash scripts/eval-skill.sh init <skill-name>. - [EXTERNAL_DOWNLOADS]: The documentation suggests an optional installation of an upstream skill version from a GitHub repository using the command
apm install -g mizchi/skills/empirical-prompt-tuning. - [PROMPT_INJECTION]: (Indirect) The skill establishes an attack surface where potentially untrusted data from scenario files is processed by subagents during the evaluation loop. * Ingestion points: Scenario prompts are loaded from the local file system at
evals/<skill-name>/scenarios.yaml. * Boundary markers: No explicit delimiters or system instructions are defined to protect subagents from potentially malicious content embedded within the scenario prompts. * Capability inventory: The subagents are executed using theTasktool with thegeneral-purposeconfiguration, which grants them standard agent tools and capabilities. * Sanitization: The workflow does not include steps for sanitizing or validating the scenario prompt content before it is passed to the subagent.
Audit Metadata