design-training-program
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill defines an ingestion surface for untrusted data, which presents a risk of indirect prompt injection.
- Ingestion points: The skill processes 'Existing training materials or curricula' and 'Competency gaps' as optional inputs in SKILL.md.
- Boundary markers: There are no explicit delimiters or instructions provided to differentiate between the agent's core instructions and the external data being processed.
- Capability inventory: The skill metadata allows high-privilege tools including
Bash,Read,Write,Edit,Grep, andGlob. - Sanitization: No validation, escaping, or filtering procedures for ingested content are specified in the training design steps.
Audit Metadata