glossary-generator
Pass
Audited by Gen Agent Trust Hub on Jun 23, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill performs legitimate educational content generation tasks using local documentation files. It does not engage in network activity or handle sensitive credentials.\n- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection as it processes external documentation files to generate its output.\n
- Ingestion points: Reads files from
docs/learning-graph/02-concept-list-v1.md,docs/course-description.md, and recursively through/docs/**/*.md(SKILL.md).\n - Boundary markers: Absent. The instructions do not specify the use of delimiters or warnings to ignore instructions within the processed data.\n
- Capability inventory: Limited to reading and writing local documentation files (e.g.,
docs/glossary.md,mkdocs.yml) and creating JSON indices. No tools for network access, subprocess execution, or dynamic code evaluation are utilized.\n - Sanitization: Absent. Input text from markdown files is interpolated directly into prompts for definition generation without filtering.\n
- This surface is assessed as safe because the skill lacks the high-privilege capabilities necessary for impactful exploitation of injected instructions.
Audit Metadata