grill-me
Pass
Audited by Gen Agent Trust Hub on May 6, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill uses the codebase as a primary data source for its analysis, creating a potential surface for indirect prompt injection.
  - Ingestion points: Local project files accessed during the 'explore the codebase' phase (SKILL.md).
  - Boundary markers: None defined in the instructions to separate code content from agent instructions.
  - Capability inventory: The agent is authorized to read local files to inform its interview responses.
  - Sanitization: No input sanitization or validation of the codebase content is specified.
- [SAFE]: No other security concerns such as hardcoded credentials, malicious remote code execution, or obfuscation were identified. The skill's behavior is consistent with its stated purpose of design review.