grill-me
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: The skill's instructions are focused on design review and codebase verification. No patterns of data exfiltration, credential theft, or unauthorized command execution were identified.
- [NO_CODE]: The skill consists entirely of markdown-based instructions in SKILL.md and does not include any accompanying executable scripts, binaries, or external dependencies.
- [INDIRECT_PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection due to its requirement to read and process external plan files.
- Ingestion points: The skill is instructed to read contents from user-provided file paths to establish the interview context.
- Boundary markers: The instructions do not specify any delimiters or safety markers to separate the ingested plan content from the agent's core instructions.
- Capability inventory: The skill utilizes Grep, Glob, Read, and the Agent tool to explore the local environment and codebase.
- Sanitization: There is no evidence of sanitization or validation performed on the ingested file content before it is used to drive the questioning process.
Audit Metadata