interview-task
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local bash scripts that invoke Git and the GitHub CLI. These scripts include regex validation to ensure that user-provided inputs like candidate names do not contain shell metacharacters, mitigating injection risks.
- [DATA_EXFILTRATION]: The skill manages repository data but includes explicit commands to set the visibility of new forks to 'private' via
gh repo edit, ensuring that candidate code and interview tasks are not exposed publicly. - [SAFE]: No malicious patterns such as credential theft, obfuscation, or unauthorized remote code execution were found. The skill operates within the author's own infrastructure ('polarsource').
Audit Metadata