course-operations-manual
Pass
Audited by Gen Agent Trust Hub on Jun 22, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill focuses on structured text generation for course management. Analysis of the instructions reveals no hidden commands, obfuscation, or persistence mechanisms.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection via the
input_pdfand--courseparameters. Maliciously crafted input data could attempt to influence the agent's output behavior. - Ingestion points: Processes user-provided PDF documents (
input_pdf) and command-line arguments (--course). - Boundary markers: The instructions do not define specific delimiters or "ignore instructions" guards for the parsed content.
- Capability inventory: The skill is restricted to text generation and internal chaining to a document generator; it lacks file system access, shell execution, or network capabilities.
- Sanitization: There is no evidence of input validation or sanitization for the content extracted from external files.
Audit Metadata