curriculum-designer
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill demonstrates legitimate educational design functionality. All external references and shared agents (e.g., moai-core, moai-office) are consistent with the vendor's ecosystem, and no high-risk command execution or network exfiltration was detected.
- [PROMPT_INJECTION]: The skill processes untrusted user-provided materials (such as existing curricula and job descriptions), which presents a standard surface for indirect prompt injection.
- Ingestion points: The workflow in
references/course-builder.mdandreferences/competency-modeler.mdinvolves reading user-supplied documents for analysis and improvement. - Boundary markers: The instructions do not specify the use of clear delimiters or instructions to the agent to ignore potentially embedded commands in user files.
- Capability inventory: The skill has the ability to write files to a local
_workspace/directory and utilizes thesequentialthinkingtool. - Sanitization: No specific sanitization or content validation logic is defined for the external files being processed.
Audit Metadata