pedagogy-review
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill reads content from external slides (.qmd or .tex) which could contain embedded instructions to manipulate the reviewer agent's output.
- Ingestion points: The Read, Grep, and Glob tools are used to ingest file contents into the agent context.
- Boundary markers: None are present to distinguish between instructional system prompts and untrusted document data.
- Capability inventory: The skill utilizes Read, Grep, Glob, Write, and Task tools; the Task tool launches a sub-agent for the review.
- Sanitization: No sanitization or content filtering is performed on the ingested slide data.
Audit Metadata