deep-interview
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes platform-specific tools including
omx questionandomx explorevia shell execution to interact with the user and gather codebase facts. - [DATA_EXFILTRATION]: Manages and stores session state, interview transcripts, and execution specifications within the local
.omx/project directory. These operations are restricted to the local file system for metadata persistence. - [INDIRECT_PROMPT_INJECTION]: The skill acts as an ingestion surface for user-provided descriptions and codebase data which are then compiled into specifications for downstream agents.
- Ingestion points: Captures untrusted data through user answers in the
omx questiontool and codebase information retrieved via theexplorecommand. - Boundary markers: The skill instructions do not specify explicit delimiters or markers to separate user-provided content from agent instructions in the final Markdown artifacts.
- Capability inventory: Possesses capabilities to read from the codebase (
explore), write state and artifacts (state_write), and interact with the user via structured questioning. - Sanitization: No explicit sanitization or escaping mechanisms are described for user input before it is written to the
.omx/specs/directory.
Audit Metadata