Skills
skills/hoangvantuan/claude-plugin/deep-learner/Gen Agent Trust Hub

deep-learner

Pass

Audited by Gen Agent Trust Hub on May 1, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill ingests untrusted data from external sources (URLs and user-provided text), creating a potential surface for indirect prompt injection attacks. Malicious instructions hidden within the source material could attempt to override the agent's primary instructions or exfiltrate data.
  • Ingestion points: SKILL.md (Step 1: Nhận nội dung) via WebFetch or user input.
  • Boundary markers: The skill does not implement delimiters or 'ignore instructions' warnings for the external data.
  • Capability inventory: The skill utilizes WebFetch (network read), WebSearch (network research), and performs local file system writes to save summaries.
  • Sanitization: No sanitization or validation of the fetched content is described in the workflow.
Audit Metadata
Risk Level
SAFE
Analyzed
May 1, 2026, 03:00 PM