grill-me
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFE
Category: PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it is instructed to 'explore the codebase' to answer questions. This behavior creates a surface where the agent might encounter and follow malicious instructions embedded in the project files it analyzes.
  - Ingestion points: Codebase files (referenced in SKILL.md prompt).
  - Boundary markers: Absent; there are no instructions to ignore embedded commands within the files.
  - Capability inventory: File system read tools used for codebase exploration.
  - Sanitization: Absent; the skill does not specify validation for content read from the codebase.
Audit Metadata