start

Pass

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
  • [SAFE]: No malicious logic, obfuscation, or unauthorized data access patterns were detected. The skill follows privacy best practices by explicitly instructing the agent not to collect personally identifiable information (PII).
  • [PROMPT_INJECTION]: The skill processes user input and persists it to a local state file, which creates an ingestion surface for potential indirect prompt injection.
    • Ingestion points: User responses to diagnostic questions regarding job roles and AI experience.
    • Boundary markers: The skill mandates the use of numbered selection lists for user responses.
    • Capability inventory: The skill has the capability to update the local file 'data/learner-profile.json'.
    • Sanitization: The instructions include logic to map free-text answers back to valid numbered choices, providing a form of input validation.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 21, 2026, 10:12 AM