assessment-creator
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill implements a workflow that involves creating a directory named
_workspace/at the project root and writing multiple markdown files to it, including the initial input (00_input.md) and subsequent analysis reports (e.g.,01_trend_analysis.md). - [PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection by ingesting and processing untrusted user data like exam results, goals, and study history.
- Ingestion points: User inputs regarding exam names, subjects, goals, and existing performance data which are saved to
_workspace/00_input.mdfor processing by various agent roles. - Boundary markers: The skill lacks explicit boundary markers or instructions to the agent to ignore potentially malicious instructions embedded within the user-provided content.
- Capability inventory: The skill has the capability to write to the local file system and execute logical workflows based on the processed data.
- Sanitization: There is no evidence of input validation or sanitization of the provided educational materials before they are processed by the agent team.
Audit Metadata