instructor
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOW
PROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The examples in `references/examples.md` demonstrate direct interpolation of untrusted data into prompts using f-strings (e.g., `f"Extract: {text}"`) without boundary markers or sanitization. While typical for educational content, this establishes an attack surface where malicious input could influence agent behavior. (1) Ingestion points: `text` and `texts` variables in `references/examples.md`. (2) Boundary markers: Absent. (3) Capability inventory: Data extraction and structured analysis. (4) Sanitization: Absent.
- Metadata Anomaly (INFO): The code samples consistently reference a non-existent future model `claude-sonnet-4-5-20250929`. While not explicitly malicious, this is noted as deceptive or inaccurate metadata.
Audit Metadata