to-questionnaire

Pass

Audited by Gen Agent Trust Hub on Jul 14, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill facilitates the creation of discovery questionnaires by prompting the user for context and writing the result to a Markdown file.
  • [PROMPT_INJECTION]: The skill processes user-supplied information to populate a questionnaire template. While it lacks explicit sanitization for user input, the risk is localized to the generated document which is intended for human review.
  • Ingestion points: User descriptions of the recipient's role and the required information gaps (SKILL.md).
  • Boundary markers: The instructions provide a specific Markdown template which acts as a structural constraint, though no explicit delimiters for user-provided strings are defined.
  • Capability inventory: The agent is instructed to write files to the local filesystem (SKILL.md).
  • Sanitization: There is no mention of escaping or filtering user input before it is written to the file.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 14, 2026, 06:34 PM
Security Audit — agent-trust-hub — to-questionnaire