gaokao-expert

Pass

Audited by Gen Agent Trust Hub on Jul 3, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes provided Python scripts to analyze question and paper data.
  • Evidence: Instructions in SKILL.md direct the agent to run python scripts/analyze_question.py and python scripts/analyze_paper.py.
  • The scripts process JSON data using standard libraries and write analysis results to text files on the local filesystem.
  • [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted data from user-uploaded documents to generate exam analysis.
  • Ingestion points: External files (PDF, Docx) accessed via the view tool or specialized skills as described in SKILL.md.
  • Boundary markers: The instructions do not define specific delimiters for separating user-provided content from agent instructions.
  • Capability inventory: The skill can execute local scripts and write output files (scripts/analyze_paper.py, scripts/analyze_question.py).
  • Sanitization: Data is converted to a structured JSON format before processing, which provides a layer of isolation, although the raw text content is not explicitly sanitized.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 3, 2026, 02:27 AM
Security Audit — agent-trust-hub — gaokao-expert