spec-interview

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH (PROMPT_INJECTION)
Full Analysis
  • PROMPT_INJECTION (HIGH): The skill is susceptible to Indirect Prompt Injection (Category 8) due to its core functionality of processing external data.
  • Ingestion points: Reads content from plan.md or user-specified technical documents (File: SKILL.md).
  • Boundary markers: Absent. The instructions do not provide delimiters or specific commands to ignore instructions embedded within the ingested data.
  • Capability inventory: Uses AskUserQuestionTool for interactive dialogue and has the authority to write output back to the filesystem (File: SKILL.md).
  • Sanitization: None detected. There is no mechanism to prevent malicious instructions inside a plan.md from overriding the agent's intended role.
  • Risk: An attacker-controlled document could contain instructions that cause the agent to exfiltrate data through its questions or write malicious code to the local environment under the guise of a 'refined specification'.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 09:31 AM