grill-me
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFE PROMPT_INJECTION NO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it directs the agent to read and follow context from external, potentially untrusted sources like source code and configuration files.
  - Ingestion points: Source files, types, configurations, and existing implementations (SKILL.md).
  - Boundary markers: None present; there are no instructions to ignore embedded commands or treat file content as data only.
  - Capability inventory: The skill utilizes the agent's inherent file-read capabilities to inspect the codebase.
  - Sanitization: No sanitization or validation logic is defined to protect against malicious instructions embedded in comments or configuration values.
- [NO_CODE]: The skill contains no executable code, scripts, or package dependencies, relying entirely on the agent's internal reasoning and standard tools.
  - Evidence: The skill definition is restricted to a markdown file with natural language instructions.
Audit Metadata