project-interview
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- PROMPT_INJECTION (SAFE): The instructions focus on conversational flow and data gathering. No override or bypass markers were detected.
- DATA_EXFILTRATION (SAFE): The skill uses local Read and Write tools to handle project files. No hardcoded credentials, sensitive file paths, or network operations to external domains were found.
- REMOTE_CODE_EXECUTION (SAFE): No script execution, package installations, or remote downloads are present.
- INDIRECT_PROMPT_INJECTION (LOW): The skill processes untrusted user input to generate learner profiles.
  - Ingestion points: Learner responses are captured via 'AskUserQuestion' and stored in 'interview-data.md'.
  - Boundary markers: Uses Markdown sections but lacks explicit delimiters to prevent the agent from following instructions embedded in user responses.
  - Capability inventory: The skill has 'Read' and 'Write' permissions, which could be misused if a user injects instructions into the profile record.
  - Sanitization: No validation or sanitization of user input is performed before writing to files.