learning-log
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to use local shell commands (
ls,grep,mkdir,cat) to manage alearning-log/directory. These operations are essential for the skill's intended file-management functionality and are restricted to a specific local path. - [PROMPT_INJECTION]: The skill ingests untrusted conversation data to generate log entries. This creates a surface for indirect prompt injection, but the agent's instructions to transform and distill the content into a fixed Markdown schema limit the risk.
- Ingestion points: Analyzes active conversation history (SKILL.md, Step 1).
- Boundary markers: None specified in the workflow.
- Capability inventory: Includes directory creation, file searching, and file writing to the local file system.
- Sanitization: Instructions to 'distill key concepts' and 'cut conversational filler' serve as semantic filtering of the input.
Audit Metadata