coding-tutor
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Python
subprocessmodule inscripts/setup_tutorials.pyandscripts/create_tutorial.pyto execute localgitandgh(GitHub CLI) commands. These operations are limited to managing the tutorials repository (e.g.,git init,git status) and are not exposed to unsanitized shell injection. - [EXTERNAL_DOWNLOADS]: The
setup_tutorials.pyscript includes an optional feature to create a private repository on GitHub to sync learning data. This utilizes a well-known service (GitHub) through its official CLI to provide persistence and backup for the user. - [INDIRECT_PROMPT_INJECTION]: The skill is designed to analyze the user's codebase to provide contextually relevant teaching examples. While this processes external data, the risk is mitigated as the functionality is restricted to generating markdown tutorials within a specific local directory.
- Ingestion points: User's active codebase and
~/coding-tutor-tutorials/learner_profile.md. - Boundary markers: Not explicitly defined in instructions; the agent uses codebase content as reference context.
- Capability inventory: Writing markdown files to a localized tutorials directory and performing git-based version control.
- Sanitization: None; the skill relies on the agent's ability to interpret code as data for educational purposes.
Audit Metadata