technical-requirements-interview
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it ingests untrusted data from an external file (
business-requirements.yaml) and interpolates it into the agent's context to guide the interview. - Ingestion points: The skill explicitly requires loading
business-requirements.yamlas the primary context for the interview (documented in SKILL.md under 'Prerequisites' and 'Rules'). - Boundary markers: There are no explicit delimiters or instructions provided in the skill definition to treat the content of the YAML file as untrusted data or to ignore embedded instructions within that file.
- Capability inventory: The skill performs file system operations, specifically reading the input YAML and appending data to
technical-interview.jsonl. It also generates a newtechnical-requirements.yamlfile upon completion. - Sanitization: No evidence of sanitization, schema validation (beyond general structure), or filtering of the input file's content is present in the provided instructions.
Audit Metadata