Skills
skills/cafe3310/public-agent-skills/project-learner/Gen Agent Trust Hub

project-learner

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to use the system date command to generate precise timestamps for file naming conventions.
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection as it is designed to read and continue sessions from previously generated or user-provided Markdown logs.
  • Ingestion points: Reads existing learning records or user-provided Markdown log files as described in the session initialization section of SKILL.md.
  • Boundary markers: There are no explicit instructions to use delimiters or to disregard potential instructions embedded within the ingested logs.
  • Capability inventory: The agent has the capability to execute the date command and perform file system read/write operations within the docs/ directory.
  • Sanitization: No specific sanitization or content validation steps are outlined for the data read from external or existing log files.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 1, 2026, 08:43 PM