learning-international-standards
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill accepts untrusted user data without validation or sanitization. 1. Ingestion points: 'source_content' parameter in skill.py. 2. Boundary markers: None present. 3. Capability inventory: No dangerous capabilities (such as shell execution, network requests, or file system modifications) were identified in the current code. 4. Sanitization: None present.
- Metadata Poisoning (LOW): There is a functional discrepancy between SKILL.md (focused on educational curriculum) and the Python implementation (focused on GDPR and compliance), which could mislead users or agents about the skill's capabilities.
- Code Quality (LOW): The variable 'skill_dir' is referenced in the execute method but is never defined, leading to a NameError during execution.
Audit Metadata