skills/mattpocock/skills/grill-me/Gen Agent Trust Hub

grill-me

Pass

Audited by Gen Agent Trust Hub on Mar 26, 2026

Risk Level: SAFE
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill instructs the agent to 'explore the codebase' to answer questions about a design or plan. This creates an attack surface where malicious instructions embedded in the project files (e.g., in comments, documentation, or metadata) could influence the agent's behavior during the interview process.
      ◦ Ingestion points: Local codebase files (referenced in SKILL.md).
      ◦ Boundary markers: None specified in the skill instructions to distinguish between plan data and embedded instructions.
      ◦ Capability inventory: File system read access (implied by the instruction to explore the codebase).
      ◦ Sanitization: The skill does not provide mechanisms for sanitizing or validating the content retrieved from the codebase.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 26, 2026, 05:41 PM