tw-edu-curriculum-mapper
Pass
Audited by Gen Agent Trust Hub on May 4, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses a Python script (
scripts/generate_curriculum_map.py) to generate Excel files. This script is executed via the Bash tool as a local subprocess with arguments derived from user input. While user input flows into command arguments, the script logic (usingopenpyxl) is focused on document generation and does not execute shell commands or perform network operations. - [EXTERNAL_DOWNLOADS]: The skill mentions external references and MCP connectors (WebSearch, Google Drive). These are standard platform features. References to external
.mdfiles like../../tw_edu_concept_alignment.mdsuggest a structured skill environment, but no unauthorized remote code downloads were found. - [DATA_EXFILTRATION]: No patterns of data exfiltration were detected. The skill generates output files to a designated local path (
/mnt/user-data/outputs/) and optionally integrates with Google Drive for storage, which is a disclosed and standard functionality.
Audit Metadata