teacher
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): The instructions follow a pedagogical structure (Socratic, Feynman, Problem-Based) and do not contain attempts to bypass safety filters, extract system prompts, or override agent constraints.
- Data Exposure & Exfiltration (SAFE): The skill uses Read, finder, and Grep to access the local codebase. This is intended for the purpose of explaining project-specific code to the user. No credentials, sensitive system paths, or unauthorized network exfiltration patterns were detected.
- External Downloads & RCE (SAFE): The skill does not download external scripts or packages. All teaching methodologies are stored locally in the cookbook/ directory.
- Indirect Prompt Injection (LOW): The skill has an ingestion surface for untrusted data via web_search and read_web_page.
  - Ingestion points: Data retrieved from external URLs via read_web_page and local files via Read.
  - Boundary markers: Absent; the skill does not explicitly define delimiters for untrusted data.
  - Capability inventory: The skill is limited to Read, web_search, read_web_page, finder, and Grep. It lacks high-risk capabilities such as file-writing or arbitrary command execution.
  - Sanitization: Absent; the skill processes retrieved content directly for synthesis into teaching material.
- Obfuscation (SAFE): No encoded strings, hidden characters, or homoglyphs were found in the skill files.
Audit Metadata