learning-experience
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- PROMPT_INJECTION (SAFE): No instructions attempting to bypass safety filters or override system prompts were detected. The skill follows a standard identity and reference system pattern.
- DATA_EXFILTRATION (SAFE): No network operations (curl, wget, fetch) or access to sensitive local file paths (credentials, ssh keys) are present.
- REMOTE_CODE_EXECUTION (SAFE): No external scripts are downloaded or executed. The skill consists entirely of Markdown documentation.
- COMMAND_EXECUTION (SAFE): No shell commands, subprocess calls, or system-level utilities are invoked.
- CREDENTIALS_UNSAFE (SAFE): No API keys, tokens, or hardcoded secrets were found in any of the files.
- OBFUSCATION (SAFE): The content is clear and readable with no signs of Base64 encoding, zero-width characters, or homoglyph-based evasion techniques.
- INDIRECT_PROMPT_INJECTION (SAFE): While the skill analyzes user-provided course content, it has no exploitable capabilities (such as writing to files or making network requests), making the impact of any potential injection negligible.
Audit Metadata