discovery-interview-prep
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE]: The skill consists entirely of Markdown instructions providing a logic flow for an LLM interaction. It does not include any Python scripts, Node.js modules, shell scripts, or binaries.
- [SAFE]: No malicious patterns, obfuscation, credential exposure, or unauthorized network/file operations were detected. The skill follows legitimate pedagogical patterns for discovery research.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting user-provided context and responses into a final generated output.
- Ingestion points: User input is collected in Step 0 (Context gathering) and Questions 1 through 4 in
SKILL.md. - Boundary markers: The skill uses simple bracketed placeholders (e.g.,
[From Q1]) in the output template but does not implement explicit delimiters or 'ignore embedded instructions' warnings for the model. - Capability inventory: The skill possesses no executable capabilities; it does not perform subprocess calls, file system writes, network requests, or dynamic code execution.
- Sanitization: No input validation or sanitization is performed on user-provided strings before they are interpolated into the 'Discovery Interview Plan' output.
Audit Metadata