interview-spec
Pass
Audited by Gen Agent Trust Hub on Feb 13, 2026
Risk Level: LOWNO_CODE
Full Analysis
================================================================================
✅ VERDICT: SAFE
This skill is purely instructional and defines a process for the AI to follow when conducting an interview for a specification document. It does not contain any executable code, external dependencies, or direct commands that could lead to security vulnerabilities. The skill's functionality relies solely on the AI's ability to understand and follow the provided instructions using its allowed tools (AskUserQuestion, Write, Edit, WebSearch).
Total Findings: 1
ℹ️ INFO Findings: • Indirect Prompt Injection Susceptibility
- The skill processes user input via
AskUserQuestion, making it susceptible to indirect prompt injection if a malicious user provides crafted responses. This is a general risk for interactive skills that process user-provided text, but the skill itself does not introduce new vulnerabilities.
================================================================================
Audit Metadata