curriculum-review-pedagogy

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM

PROMPT_INJECTION
Full Analysis
  • [Dynamic Execution] (MEDIUM): The file 'skill.py' uses 'sys.path.insert' to dynamically add a framework directory to the Python search path. While common for local dependency resolution in agent skills, this is classified as a medium-risk practice because it relies on computed paths for loading code.
  • [Indirect Prompt Injection] (LOW): The skill ingests untrusted curriculum data via the 'content_path' and 'objectives' parameters. Evidence Chain:
    1. Ingestion points: 'content_path' and 'objectives' parameters in 'skill.py'.
    2. Boundary markers: No delimiters or instructional warnings are used to separate user data from agent instructions.
    3. Capability inventory: Internal data processing and automated report generation.
    4. Sanitization: No input validation or sanitization is performed on the ingested content.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 17, 2026, 06:14 PM