pracmo-practice-everything
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill allows the user to define any topic for practice, which serves as an entry point for untrusted data that could contain malicious instructions. 1. Ingestion points: User input during the topic discovery phase specified in SKILL.md. 2. Boundary markers: No delimiters or protective instructions are used to separate user-provided topics from the agent's logic. 3. Capability inventory: The skill utilizes the AskUserQuestion tool but lacks file-system modification, network access, or command execution capabilities. 4. Sanitization: No validation or sanitization is performed on the user topic before it influences the agent's reasoning path.
Audit Metadata