teach
Pass
Audited by Gen Agent Trust Hub on Jun 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill incorporates external scripts from the JSDelivr CDN to provide styling and syntax highlighting in generated files. Specifically, it uses the Tailwind CSS v4 Play CDN and Highlight.js library.
- [COMMAND_EXECUTION]: The instructions suggest executing CLI commands to open lesson files for the user and starting a local web server using the Python built-in module
http.server. It also mentions the potential use of tunneling services for network access. - [PROMPT_INJECTION]: The skill design relies on ingesting and processing external information to guide the teaching process, creating a surface for indirect prompt injection.
- Ingestion points: Data is ingested from external resource links and descriptions defined in
RESOURCES.md, as well as user-supplied objectives inMISSION.md. - Boundary markers: The formatting guidelines do not explicitly require boundary markers or instructions to disregard potential commands embedded within external data.
- Capability inventory: The skill manages a workspace via file system write operations and executes shell commands for file opening and serving.
- Sanitization: No specific sanitization or validation protocols are defined for handling the content or metadata derived from external resource links.
Audit Metadata