skills/redpanda77/skills/grill/Gen Agent Trust Hub

grill

Pass

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: SAFE
Categories: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill performs local file operations to maintain project documentation and handoff files.
      • It creates and updates CONTEXT.md and Architecture Decision Records (ADRs) in the docs/adr/ directory.
      • It writes interview decisions to handoffs/<branch>.md or uses mktemp to generate temporary files for handoffs in non-git environments.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it is designed to ingest and process untrusted data from the user's project environment.
      • Ingestion points: It reads CONTEXT.md, CONTEXT-MAP.md, CLAUDE.md, and general codebase files during the 'grilling' phase.
      • Boundary markers: The instructions do not define explicit delimiters or 'ignore embedded instructions' warnings for the data read from project files.
      • Capability inventory: The agent can perform file writes to the documentation and handoff directories and interact with the user via AskUserQuestion based on the ingested content.
      • Sanitization: No specific sanitization or filtering is applied to the content retrieved from the codebase before it is used to drive the interview logic.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 17, 2026, 08:02 AM