learning-game-designer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): No malicious patterns or security vulnerabilities were detected in the skill's logic or metadata.
- [EXTERNAL_DOWNLOADS] (SAFE): The code does not perform any network requests or attempt to download external assets.
- [COMMAND_EXECUTION] (SAFE): No subprocess spawning or shell command execution patterns were found.
- [DATA_EXFILTRATION] (SAFE): There are no attempts to access sensitive system files (e.g., SSH keys, cloud credentials) or exfiltrate data via network protocols.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill ingests untrusted user data ('topic', 'educational_level') and interpolates it into the response. While this creates a surface for indirect injection, the skill lacks the dangerous capabilities (exec/eval, file writing) necessary to exploit this vector.
  - Ingestion point: `parameters['topic']` and `parameters['educational_level']` in `skill.py`.
  - Capability inventory: None. The skill only returns a structured dictionary.
- [DYNAMIC_EXECUTION] (LOW): The skill modifies `sys.path` using a relative path to import a base framework. This is a common pattern in agent skills and is considered low risk when the path is statically defined relative to the script location.
  - Evidence: `sys.path.insert(0, str(Path(__file__).parent.parent / "framework"))` in `skill.py`.
Audit Metadata