Geek-skills-gaokao-expert
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns or security threats were detected. The skill is dedicated to educational exam preparation and quality control.
- [COMMAND_EXECUTION]: The skill uses local Python scripts to analyze exam question quality and paper structure. These scripts perform legitimate data processing on JSON files provided by the user.
- [EXTERNAL_DOWNLOADS]: The skill uses web search and fetching tools to retrieve the latest educational policies and trends, which is necessary for its stated goal of providing up-to-date exam guidance.
- [PROMPT_INJECTION]: The skill processes external data from user-uploaded documents and web content. While this creates a surface for indirect prompt injection, it is essential for the skill's primary purpose of exam analysis, and no adversarial behavior was observed. Evidence Chain: Ingestion points (user uploads in /mnt/user-data/uploads/ in SKILL.md, web_fetch); Boundary markers (absent); Capability inventory (bash_tool for local scripts, web_search, web_fetch); Sanitization (absent).
Audit Metadata