document-based-lesson-designer
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a purely instructional prompt designed for educational lesson planning. It does not perform any file system operations, network requests, or command execution.
- [PROMPT_INJECTION]: The skill ingests untrusted data through input fields like
document_setandcentral_questionand interpolates them directly into the system prompt. There are no boundary markers (e.g., XML tags or delimiters) or explicit 'ignore instructions' warnings used to wrap these inputs. This creates a surface for indirect prompt injection; however, because the skill has no tool-use capabilities or dangerous side effects, the risk is minimal. - [DATA_EXFILTRATION]: No network tools or commands capable of exfiltrating data are used or requested in the frontmatter.
- [CREDENTIALS_UNSAFE]: No hardcoded credentials or access to sensitive environment variables were detected.
Audit Metadata