gaokao-chinese-tutor
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWEXTERNAL_DOWNLOADSNO_CODEPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): The README.md file contains instructions to clone a repository from an untrusted source (github.com/flysheep-ai/education-skills.git). While the current skill contents are benign, obtaining instructions from unverified third parties is a minor security risk.
- [NO_CODE] (SAFE): This skill contains no scripts, binaries, or executable code. The logic is entirely contained within Markdown-based LLM instructions, which prevents standard malware behaviors like RCE or exfiltration.
- [PROMPT_INJECTION] (LOW): The skill uses role-play instructions ('You are an experienced tutor') and goal-oriented directives. These are standard instructional patterns and do not attempt to bypass system safety filters or extract system prompts.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill processes external text provided by users (essays, poems).
- Ingestion points: User-provided text in
SKILL.mdteaching steps. - Boundary markers: Absent; user content is not delimited from instructions.
- Capability inventory: Zero; the skill has no file-write, network, or subprocess capabilities.
- Sanitization: Absent.
- Severity: Low (INFO tier) as the only risk is conversational influence with no possible side effects.
Audit Metadata