discovery-interview
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill's logic is entirely instructional and designed to facilitate a discovery interview between the AI and the user. It does not contain any prompt injection attempts or malicious code.
- [EXTERNAL_DOWNLOADS]: The skill's metadata includes an installation command that uses curl to download the skill's own content from the author's public GitHub repository, which is a standard distribution method for this environment.
- [PROMPT_INJECTION]: The skill identifies a surface for indirect prompt injection because it ingests untrusted user input during interviews and has the capability to write files and perform web searches. 1. Ingestion points: User responses to interview questions defined in SKILL.md. 2. Boundary markers: No explicit boundary markers or delimiters for user-provided data are identified in the prompt instructions. 3. Capability inventory: Includes the ability to perform web searches, fetch web content, and write files to the local filesystem (specifically 'thoughts/shared/specs/'). 4. Sanitization: No explicit sanitization or validation of user-provided data is mentioned before it is processed or incorporated into generated files.
Audit Metadata