Skills
skills/fw1201/tw-stu-skills/tw-stu-vocab-builder/Gen Agent Trust Hub

tw-stu-vocab-builder

Pass

Audited by Gen Agent Trust Hub on Apr 23, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted user-supplied data for literary analysis in the 'Guided Reading Practice' module.
  • Ingestion points: External text provided by the user is ingested for processing in Step 4 of the SKILL.md file.
  • Boundary markers: The instructions lack explicit boundary markers (e.g., XML tags or delimiters) to separate user data from the agent's instructional context.
  • Capability inventory: The skill's execution environment includes access to Bash, Read, and Write tools as specified in the SKILL.md frontmatter.
  • Sanitization: There are no instructions or mechanisms provided to sanitize or validate the user-provided text before the agent performs its analysis.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 23, 2026, 02:35 AM