skill-learning

Pass

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it processes untrusted data from external sources and uses it to modify local files.
      • Ingestion points: The skill ingests data from external URLs via WebFetch (Phase 1a) and from local file systems via Read (Phase 1b).
      • Boundary markers: The instructions do not include specific delimiters or directives for the agent to ignore embedded instructions or commands within the source material being analyzed.
      • Capability inventory: The agent has the capability to modify the local filesystem using Edit and Write tools (Phase 6a, 6b).
      • Sanitization: There is no evidence of sanitization or filtering of the extracted content to remove potentially malicious instructions before they are presented to the user for approval.
  • [EXTERNAL_DOWNLOADS]: The skill fetches external content to facilitate its learning process.
      • It utilizes the WebFetch tool to retrieve data from user-provided URLs.
      • It employs r.jina.ai (a well-known service for LLM-friendly content extraction) as a fallback mechanism for scraping websites.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 14, 2026, 10:45 AM