effective-questioning
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWPROMPT_INJECTIONNO_CODE
Full Analysis
- Indirect Prompt Injection (LOW): The skill's primary purpose is to ingest untrusted user input to determine implementation paths, creating a potential injection vector.
- Ingestion points: User responses provided through the
AskUserQuestiontool inSKILL.md. - Boundary markers: Absent. There are no instructions for the agent to use delimiters or to disregard instructions embedded within user-provided requirements.
- Capability inventory: The skill is restricted to interactive questioning; it does not contain direct code, file system access, network requests, or shell execution capabilities.
- Sanitization: Absent. The skill does not define validation or filtering logic for the data it collects, relying on the agent's global safety protocols.
Audit Metadata