interview
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): The skill's content is purely instructional and intended to guide the agent's task-specific behavior. There are no attempts to bypass safety filters or override system-level constraints.
- [Data Exposure & Exfiltration] (SAFE): The skill does not access sensitive local file paths (e.g., SSH keys, AWS credentials) and does not perform any outbound network requests.
- [Remote Code Execution] (SAFE): No package managers (npm, pip) are invoked, and no remote scripts are downloaded or executed.
- [Indirect Prompt Injection] (LOW): The skill ingests user-provided input via the $ARGUMENTS variable within <topic> tags. While this represents an external data ingestion surface, the available tools (AskUserQuestion, Read) are restricted to interactive dialogue, presenting no significant security risk.
Audit Metadata