customer-interviewing
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill package contains a development utility script `evals/run-static-checks.sh` which executes shell commands and interprets an embedded Python block to perform consistency and structural checks on the skill's local files.
- [PROMPT_INJECTION]: The skill's primary function involves analyzing untrusted user content such as interview notes and transcripts, which presents a surface for indirect prompt injection.
  - Ingestion points: User-provided materials are ingested and processed by the `critique-questions`, `conduct`, and `synthesize` intents as specified in `SKILL.md`.
  - Boundary markers: There are no explicit instructions or delimiters defined in the workflow to isolate user content or warn the agent against executing embedded instructions.
  - Capability inventory: The skill logic focuses on text synthesis and transformation using local markdown playbooks and CSV routing; it does not utilize network tools or shell access during normal agent operations.
  - Sanitization: No sanitization or validation of the ingested user material is performed prior to analysis.
Audit Metadata