ai-learning-boundary-mapper
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill does not contain any malicious code or security threats. Its functionality is restricted to text generation based on educational design principles.
- [PROMPT_INJECTION]: Analysis of the prompt logic shows it adheres to instructional guidelines. No commands to override safety protocols, extract system prompts, or bypass constraints were detected. The use of "CRITICAL PRINCIPLES" is contextual to pedagogical design (e.g., backward design) and not an attempt to hijack the agent.
- [DATA_EXFILTRATION]: No network requests (curl, wget, fetch) or hardcoded credentials were found. The skill does not access sensitive system files or environment variables.
- [REMOTE_CODE_EXECUTION]: The skill does not install third-party packages or execute remote scripts. It contains no use of eval, exec, or subprocess calls.
- [INDIRECT_PROMPT_INJECTION]: The skill processes user-supplied assignment descriptions and learning objectives. While these are ingested without explicit sanitization or boundary markers, the skill lacks the capabilities (like file writing or network access) that would make this an exploitable vulnerability surface.
Audit Metadata