hreng-hire-eval
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- Prompt Injection (LOW): The skill is susceptible to indirect prompt injection because it processes untrusted candidate submissions as primary input. A candidate could potentially include hidden instructions within their code or notes to bias the AI's scoring.\n
- Ingestion points: Candidate submission files and interview notes (identified in SKILL.md).\n
- Boundary markers: None present; instructions do not explicitly tell the agent to ignore instructions embedded within candidate data.\n
- Capability inventory: The skill utilizes local scripts for output validation but lacks high-privilege capabilities like network access.\n
- Sanitization: No input sanitization or validation of the candidate's content is performed before processing.\n- Command Execution (SAFE): The skill contains a shell script (scripts/check-hreng-hire-eval.sh) and a Python script (scripts/validate-hreng-hire-eval.py) for verifying the format of evaluation reports. These scripts are executed locally and do not perform any unauthorized or malicious operations.
Audit Metadata