english-learner
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security risks were detected in the skill's implementation.- [DATA_EXFILTRATION]: The skill reads and writes to ~/.english-learner/ to persist vocabulary data. It does not access sensitive system files or credentials, and no network exfiltration paths are present.- [COMMAND_EXECUTION]: The workflow relies on calling local Python scripts. These scripts do not use unsafe functions like eval() or os.system() and do not provide a path for arbitrary command execution.- [PROMPT_INJECTION]: The skill processes user-provided sentences and words. Although there are no specific boundary markers used to isolate untrusted input, the data processing is restricted to vocabulary management, posing a negligible risk for indirect prompt injection.
Audit Metadata