interactive-learner
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS
Full Analysis
- [Indirect Prompt Injection] (LOW): The `scripts/find-videos.py` script extracts video titles and descriptions from YouTube. This data is untrusted and could contain malicious instructions designed to influence the agent's behavior during evaluation.
  - Ingestion points: Video metadata fetched in `scripts/find-videos.py`.
  - Boundary markers: Absent; the agent processes the raw scraped text.
  - Capability inventory: The agent tracks learning progress and interacts with students.
  - Sanitization: No sanitization of the scraped metadata is performed.
- [Data Exposure & Exfiltration] (LOW): The skill performs network operations by connecting to `youtube.com` to fetch search results. While this is intended for functionality, the domain is not on the trusted whitelist for exfiltration analysis.
- [Unverifiable Dependencies & Remote Code Execution] (LOW): The `scripts/find-videos.py` script declares `certifi` as a dependency without a pinned version. This represents a minor best-practice violation regarding dependency supply chain integrity.
Audit Metadata