the-interviewer
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill metadata and body contain directives ('ALWAYS use this skill before any other creation skill') designed to override the agent's natural task prioritization and routing logic.
- [PROMPT_INJECTION]: The skill defines a workflow that ingests untrusted data from the user's workspace, creating a surface for indirect prompt injection.
- Ingestion points: Instructions in SKILL.md direct the agent to 'Read whatever context exists in the workspace (voice docs, audience profiles, style guides, past examples, brand docs, strategy docs, anything relevant)'.
- Boundary markers: The instructions lack requirements for delimiters or 'ignore embedded instructions' warnings when processing these files.
- Capability inventory: The skill is capable of triggering other specialized skills or performing complex generation tasks based on the ingested content.
- Sanitization: No sanitization, validation, or filtering mechanisms are specified for the workspace content before it is incorporated into the agent's context.
Audit Metadata