backend-quiz
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill is susceptible to indirect prompt injection because it ingests untrusted user input for quiz topics and answers without sanitization or boundary markers. The risk is limited because the skill only influences internal quiz logic and has no destructive capabilities. (1) Ingestion points: Topic selection in Step 1 and question answers in Step 2. (2) Boundary markers: Absent. (3) Capability inventory: Text generation and user interaction via AskUserQuestion only; no file or network access. (4) Sanitization: Absent.
- [Prompt Injection] (SAFE): No evidence of direct system prompt override or bypass instructions.
- [Data Exposure & Exfiltration] (SAFE): No access to sensitive files or external network endpoints detected.
- [Remote Code Execution] (SAFE): No external scripts or packages are referenced or executed.
Audit Metadata