values-behavioral-interview
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by design, as it ingests and processes untrusted user-supplied career stories. A maliciously crafted story could potentially contain instructions that leverage the agent's 'Write' and 'Edit' capabilities to perform unauthorized file modifications. * Ingestion points: User-provided career stories and story bank templates processed via the 'Read' tool in SKILL.md. * Boundary markers: Absent; no specific instructions are provided to the agent to isolate or ignore instructions embedded within the user data. * Capability inventory: The skill specifies 'Read', 'Write', and 'Edit' permissions in the SKILL.md file. * Sanitization: Absent; the skill does not describe any validation or escaping mechanisms for the stories being reviewed.
- [NO_CODE]: The skill consists entirely of instructional markdown and reference files. No executable scripts, binaries, or package dependencies are included in the skill package.
Audit Metadata