interview-analyst
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill operates entirely on local project files and does not attempt to access sensitive system credentials, establish network connections, or exfiltrate data. The logic is transparent and focuses on research methodology.
- [DYNAMIC_EXECUTION]: The skill utilizes an internal 'Task' tool to orchestrate multi-agent workflows. It dynamically generates prompts for specialized sub-agents by reading local skill files and interpolating project data. This includes a cross-skill dispatch in Phase 6 to the 'methods-writer' skill using study details extracted during analysis.
- [INDIRECT_PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection as it processes and summarizes untrusted participant data from research transcripts.
- Ingestion points: Reads raw data from the
/interviews/and/theory/directories, which typically contain content provided by third parties. - Boundary markers: There are no specific delimiters or 'ignore embedded instructions' warnings present in the sub-agent phase prompts to isolate analyzed data from processing instructions.
- Capability inventory: The skill can perform file system writes (to create reports and codebooks) and spawn sub-agent tasks using the 'Task' tool.
- Sanitization: No explicit sanitization or input validation is performed on the transcript text before it is used to generate analytical memos, codebooks, or draft sections.
Audit Metadata