alignagent-adaptive-learner-intelligence
Pass
Audited by Gen Agent Trust Hub on Jun 30, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill's architecture is susceptible to indirect prompt injection within its diagnostic workflow. The 'SkillGapAgent' class implements a method that interpolates untrusted learner assessment data directly into a prompt for diagnostic reasoning without sufficient sanitization or protective delimiters.
- Ingestion points: The
_build_diagnostic_promptmethod inSKILL.md(Example 2) takes learner-supplied content (specificallyselected_answerandconceptsmetadata) and embeds it into a template used to generate AI reasoning. - Boundary markers: While the data is formatted using JSON encoding, the prompt template lacks explicit instructions to the model to ignore control sequences or instructions embedded within the data strings.
- Capability inventory: The resulting AI output determines the diagnostic explanations and the queries used to retrieve external educational resources.
- Sanitization: The implementation relies on standard JSON serialization which, while managing structure, does not prevent linguistic prompt injection intended to override the agent's behavior.
- [EXTERNAL_DOWNLOADS]: The skill references research and methodology from a public academic repository (arXiv) for the ALIGNAgent framework. This is a neutral reference to established educational research.
Audit Metadata