Skills
skills/bayramannakov/ai-native-product-skills/team-assess/Gen Agent Trust Hub

team-assess

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
  • [PROMPT_INJECTION]: The skill ingests data from local context files (CLAUDE.md and team-profile.md) to inform the interview process and report generation. This creates an indirect prompt injection surface where a malicious file could potentially subvert the agent's instructions.
  • Ingestion points: The 'Before Starting' instructions explicitly tell the agent to check for and read CLAUDE.md and team-profile.md for context.
  • Boundary markers: Absent; there are no instructions to use delimiters or to ignore potential commands embedded within the context files.
  • Capability inventory: The skill is capable of file-system write operations, specifically generating team-assessment.md and radar-chart.svg.
  • Sanitization: Absent; content from the context files is used directly without validation, filtering, or escaping.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 9, 2026, 06:34 PM