pedagogy-review
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs legitimate pedagogical reviews as described in its metadata. No malicious patterns such as obfuscation, persistence mechanisms, or privilege escalation were found.
- [DATA_EXFILTRATION]: The skill uses Read and Write tools to process lecture slides and save reports. These operations are limited to the user-provided files and a local directory. No unauthorized network activity or sensitive file access (e.g., .ssh, .env) is present.
- [PROMPT_INJECTION]: This skill possesses an indirect prompt injection surface. 1. Ingestion points: Lecture slides (QMD or TEX files) specified in arguments. 2. Boundary markers: Absent. 3. Capability inventory: Read, Grep, Glob, Write, and Task. 4. Sanitization: Absent. This surface is a necessary part of the skill's review function and does not pose a high risk given the intended use case.
- [COMMAND_EXECUTION]: The Task tool is used to invoke a sub-agent for slide analysis. This usage is consistent with the skill's pedagogical purpose and does not involve the execution of arbitrary shell commands.
Audit Metadata