tutor-math-geometry
Fail
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: HIGH (EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [REMOTE_CODE_EXECUTION]: The initialization script ('init.py') and a sample rendering script ('render.sh') contain commands to download and execute the 'uv' installer from Astral's official domain ('astral.sh') using a 'curl | sh' pattern. Additionally, the skill's primary workflow involves generating a Python script ('script.py') based on user input and executing it via the Manim animation engine.
- [EXTERNAL_DOWNLOADS]: The skill utilizes the 'edge-tts' library to download voiceover audio from Microsoft's servers. It also references external tools and official installers for dependencies like 'uv', 'manim', and 'ffmpeg' needed for media production.
- [COMMAND_EXECUTION]: Several scripts ('render.py', 'validate_audio.py', 'check.py') use 'subprocess.run' to execute system commands including 'manim' for video rendering, 'ffmpeg' for audio processing, and 'uv' for dependency management.
- [PROMPT_INJECTION]: The skill presents an indirect injection surface by ingesting untrusted data from user-provided math problems to generate executable code. Ingestion points include 'math_analysis.md' and the storyboard scripts. No explicit boundary markers or sanitization logic are present to isolate user-derived content from system instructions, although the risk is moderated by the specific mathematical context and by tool capabilities, which are limited to media generation.
Recommendations
- HIGH: Downloads and executes remote code from: https://astral.sh/uv/install.sh - DO NOT USE without thorough review
Audit Metadata