french-tutor
Pass
Audited by Gen Agent Trust Hub on Apr 11, 2026
Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill facilitates integration with the Mochi SRS flashcard application by instructing the agent to execute a local Python script located at ~/.claude/skills/mochi-srs/scripts/mochi_api.py. This action is designed to be gated by user review and approval, minimizing the risk of unauthorized execution.
- [PROMPT_INJECTION]: The skill processes untrusted user input in the form of French text for correction and analysis, which establishes an indirect prompt injection surface.
  - Ingestion points: User-provided text for correction in SKILL.md (Mode 3).
  - Boundary markers: Absent; the skill does not employ specific delimiters or instruction-guarding techniques for the ingested text.
  - Capability inventory: File system modification (state.json) and local command execution (mochi_api.py).
  - Sanitization: Absent; the skill relies on the agent's default safety guardrails to handle potentially malicious instructions within the French text.
- [DATA_EXFILTRATION]: The skill maintains session state and vocabulary logs in a local directory (~/.claude/skills/french-tutor/state.json). This is standard state management behavior and does not involve any outbound network connections or sensitive system file access.
Audit Metadata