learn
Pass
Audited by Gen Agent Trust Hub on May 4, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill identifies an indirect prompt injection surface because it processes untrusted session history to generate new skill content.
- Ingestion points: Current session history as described in the Process section of SKILL.md.
- Boundary markers: Absent; there are no instructions to ignore or delimit instructions within the session data.
- Capability inventory: The skill has the capability to write files to the skills/learned/ directory.
- Sanitization: No input sanitization or filtering is specified, although the risk is mitigated by the requirement for user confirmation before saving files.
- [NO_CODE]: The skill contains only instructional text and does not provide or execute any code or binary components.
Audit Metadata