generate-flashcards
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to use standard shell utilities such as
lsandfindto discover lesson files and check for existing flashcard YAML files. These commands are used for routine file management tasks essential to the skill's primary purpose. - [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection because it reads and processes the full content of external markdown files to generate flashcard data.
- Ingestion points: The agent reads the content of
.mdlesson files from theapps/learn-app/docsdirectory. - Boundary markers: No specific delimiters or instructions to ignore embedded commands within the lesson files are specified in the reading phase.
- Capability inventory: The agent has the capability to list directories, find files, read file content, and write/modify files in the adjacent workspace.
- Sanitization: No sanitization or content validation steps are defined for the input markdown before processing.
Audit Metadata