continuous-learning
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes session transcripts which may contain untrusted data provided by the user or external tools during the conversation.
- Ingestion points: The evaluate-session.sh script reads the transcript file from the path provided via stdin at the end of each session.
- Boundary markers: There are no explicit delimiters or boundary markers used to separate conversation content from instructions during the extraction process.
- Capability inventory: The skill performs local file reads using grep and creates directories in the user's home folder.
- Sanitization: No sanitization or validation of the transcript content is performed before signaling the agent to evaluate it for pattern extraction.
- [COMMAND_EXECUTION]: The skill requires the manual configuration of a shell script (evaluate-session.sh) as a persistent 'Stop' hook in the user's local configuration.
- Evidence: The script is executed automatically at the conclusion of every matching session to determine if pattern extraction is warranted.