grill-me

Pass

Audited by Gen Agent Trust Hub on Jul 5, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill instructions define a conversational role for stress-testing user plans through a relentless interview process. All instructions are within the bounds of expected agent behavior.
  • [INDIRECT_PROMPT_INJECTION]: The skill facilitates reading from the local codebase to answer questions, which is a common pattern for developer tools. This establishes a surface for indirect prompt injection if malicious instructions are present in the codebase files.
  • Ingestion points: Local codebase files referenced during the interview.
  • Boundary markers: No specific delimiters or safety warnings are defined in the instructions to separate untrusted codebase content from the agent's core logic.
  • Capability inventory: The agent is authorized to explore the codebase and read file contents.
  • Sanitization: No explicit sanitization or validation of the codebase content is performed before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 5, 2026, 05:05 PM
Security Audit — agent-trust-hub — grill-me