canvas-bulk-grading
Warn
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill defines a workflow (Strategy C) that uses the execute_typescript tool to perform bulk grading locally. This allows the agent to generate and execute arbitrary script code to process assignment data, which is a powerful capability that requires careful oversight.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes untrusted data from external student submissions.
  - Ingestion points: Student submission data, including file attachments and metadata, is retrieved via the list_submissions tool and processed by the AI.
  - Boundary markers: No delimiters or instructions are provided to help the AI distinguish student-provided data from grading instructions.
  - Capability inventory: The agent can execute code via execute_typescript and modify student records (grades and comments) via bulk_grade_submissions and grade_with_rubric.
  - Sanitization: The skill gives no explicit instructions for sanitizing student-controlled content (such as filenames or submission text) before it is used in the dynamic grading logic or in code generation.
Audit Metadata