skill-interviewer
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious code or dangerous behaviors detected. The skill is strictly limited to creative ideation and documentation tasks within the project environment.\n- [PROMPT_INJECTION]: The skill uses structured instructions and role-boundary enforcement to ensure it remains in a creative partner mode, preventing it from performing unintended administrative or execution tasks.\n- [PROMPT_INJECTION]: The skill processes user-provided ideas and converts them into structured specifications for other agents, creating a surface for indirect prompt injection.\n
- Ingestion points: User input gathered during the five phases of the interview process (Discovery, Boundaries, Team Fit, Technical Shape, Naming).\n
- Boundary markers: The skill utilizes Markdown headers and templates to structure output but does not implement explicit delimiters or 'ignore' instructions for interpolated user content.\n
- Capability inventory: File system access is limited to reading project-specific rules (
TEAM.md,PIPELINE.md) and writing documentation artifacts toproject/docs/specs/. The skill cannot execute code, access network resources, or modify system files.\n - Sanitization: No sanitization or escaping of user-provided strings is performed before they are written to the specification artifact.
Audit Metadata