recipe-create-classroom-course
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill leverages the 'gws' command-line interface to interact with Google Workspace APIs for classroom management. These commands (e.g., 'gws classroom courses create') are standard for the skill's stated administrative purpose.
- [PROMPT_INJECTION]: The skill utilizes placeholders such as 'COURSE_ID' and 'userId' which represent a surface for potential indirect prompt injection if the agent interpolates untrusted data without validation. Ingestion points: Placeholders in the JSON strings within SKILL.md. Boundary markers: No delimiters or ignore instructions are present. Capability inventory: Execution of 'gws' subprocesses. Sanitization: No input validation or escaping is specified in the recipe.
Audit Metadata