canvas-peer-review-manager
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious instructions, obfuscation, or persistence mechanisms were identified in the skill body or metadata.
- [PROMPT_INJECTION]: No direct prompt injection or instructions to bypass safety protocols were detected.
- [PROMPT_INJECTION]: The skill ingests student-generated comments via the get_peer_review_comments tool, which creates a surface for indirect prompt injection.
  - Ingestion point: Canvas peer review comments.
  - Boundary markers: Not explicitly defined.
  - Capability inventory: Messaging (send_peer_review_reminders) and local file writing (extract_peer_review_dataset).
  - Sanitization: Not specified.
  - The risk is mitigated by explicit safety guidelines requiring human-in-the-loop confirmation before any actions are taken based on the data.
- [DATA_EXFILTRATION]: Sensitive student PII is managed with explicit instructions for anonymization and adherence to FERPA standards, minimizing the risk of unauthorized data exposure.
- [COMMAND_EXECUTION]: The skill's operations are restricted to structured MCP tool calls; no arbitrary command-line execution or shell access is requested.