Skills
skills/garethmanning/claude-education-skills/coherent-rubric-logic-builder/Gen Agent Trust Hub

coherent-rubric-logic-builder

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests user-provided text and interpolates it directly into the prompt instructions.
  • Ingestion points: User-controlled fields learning_target, band, and product_or_performance are interpolated into the prompt in SKILL.md.
  • Boundary markers: The skill does not use specific delimiters or instructions to treat user input as untrusted data or to ignore potential instructions embedded within those fields.
  • Capability inventory: The skill is restricted via disable-model-invocation: true and has no access to shell commands, network operations, or file system APIs. Its impact is limited to influencing the generated text of the rubric.
  • Sanitization: No sanitization, escaping, or validation of user input is implemented to prevent command-like text from being processed as part of the instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 30, 2026, 02:41 AM