learning-opportunities

Pass

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through the processing of the .agents/docs/orientation.md file. It instructs the agent to read this file and follow the 'Suggested exercise sequence' section, which could be exploited by a malicious repository owner to inject hidden instructions into the agent's context.
    • Ingestion point: .agents/docs/orientation.md
    • Boundary markers: Absent. The skill directs the agent to execute the sequence found in the file without explicit delimiters or safety warnings for the content.
    • Capability inventory: The skill operates in a context where the agent has access to powerful tools like bash and file system modification to facilitate learning exercises.
    • Sanitization: Absent. There is no validation or filtering of the content retrieved from the orientation file before it influences agent behavior.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 7, 2026, 12:39 PM