skills/boshu2/agentops/learn/Gen Agent Trust Hub

learn

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION] (LOW): The skill uses local shell commands (mkdir, while [ -f ... ], command -v ao) to manage directory structures and check for local CLI tools. These are standard operations for file-based knowledge management.
  • [PROMPT_INJECTION] (LOW): The skill processes free-text input from the user to generate file names and content. While it includes logic to sanitize slugs (removing special characters), the content itself is stored without sanitization.
  • [INDIRECT PROMPT INJECTION] (LOW): This skill presents an attack surface where malicious instructions could be saved into the knowledge base.
      • Ingestion points: User input via /learn [content] or AskUserQuestion (SKILL.md, Step 1).
      • Boundary markers: None. The content is written directly into a markdown file with minimal frontmatter (SKILL.md, Step 5).
      • Capability inventory: Uses mkdir -p, while -f, and command -v via shell (SKILL.md, Step 3, 4, 6).
      • Sanitization: The skill specifies removing special characters for the slug but does not specify sanitization or escaping for the content before writing to disk.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 06:09 PM