ask-questions-if-underspecified
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- PROMPT_INJECTION (SAFE): No instructions were found that attempt to bypass safety filters or override the agent's core safety protocols. The instructions specifically guide the agent to pause and ask for clarification, which is a safety-enhancing behavior.
- DATA_EXFILTRATION (SAFE): There are no commands for network access or hardcoded credentials. The mention of 'reading relevant config files' is limited to local discovery to help answer clarifying questions, which is standard for development agents.
- REMOTE_CODE_EXECUTION (SAFE): No remote scripts, package installations, or piped command executions are present in the skill.
- COMMAND_EXECUTION (SAFE): While the skill mentions running discovery commands, it does not provide any specific executable code or unsafe command patterns. It explicitly tells the agent NOT to run commands that commit to a direction until requirements are clear.
- INDIRECT_PROMPT_INJECTION (LOW): The skill processes user input (the primary ingestion point), but its purpose is to create a boundary by requiring human confirmation and clarification before any high-capability tools are used. This reduces the risk of the agent blindly following instructions embedded in a task.