deep-interview

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [SAFE]: No evidence of malicious behavior, direct prompt injection (jailbreaks), credential exposure, or obfuscation was found. The skill adheres to its stated purpose of requirement gathering and handoff to subsequent execution phases.
  • [COMMAND_EXECUTION]: The skill utilizes the explore and omx explore tools for brownfield context gathering, which involves reading the local codebase to inform the interview process. It also manages internal state and output artifacts by reading and writing files within the project's .omx/ directory.
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it ingests untrusted data that could contain malicious instructions.
      • Ingestion points: User-provided arguments and external codebase content retrieved via the explore tool.
      • Boundary markers: None explicitly implemented to delimit untrusted data from the agent's instructions.
      • Capability inventory: The skill can perform file-system operations (read/write in .omx/) and orchestrate other agent skills (ralplan, autopilot, ralph, team).
      • Sanitization: Content is processed without explicit sanitization or filtering.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 18, 2026, 09:49 AM