differentiation-adapter
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill uses template variables to incorporate user-provided content directly into the prompt in SKILL.md, creating a potential surface for indirect prompt injection.
  - Ingestion points: Untrusted data enters the context through fields like original_task, learner_profile, and student_profiles.
  - Boundary markers: The prompt lacks explicit delimiters (such as triple quotes or XML tags) to separate these user-supplied inputs from the system's instructions.
  - Capability inventory: The skill is strictly informational and does not include any scripts or allowed-tools that would permit file system modifications, network exfiltration, or command execution.
  - Sanitization: There is no evidence of input validation or content filtering to prevent users from including adversarial instructions within the classroom task descriptions.