fin-guru-learner-profile
Pass
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [Prompt Injection] (SAFE): No instructions attempting to bypass safety filters or override agent behavior were found. The language is purely instructional for profile building.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, sensitive file paths, or network operations (like curl or fetch) were detected. The skill only manages internal context for learner profiles.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): No external packages, scripts, or remote code patterns are referenced. The skill does not install any dependencies.
- [Command Execution] (SAFE): No system commands, shell scripts, or subprocess executions are present in the skill.
- [Indirect Prompt Injection] (LOW): The skill ingests user input (learner responses) to build a profile. While it lacks explicit boundary markers for this data, the skill has no dangerous capabilities (no code execution, no network access, no file system writes) that could be exploited if a user attempted to inject instructions into their profile data.
Audit Metadata