money-learn
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security threats were identified. The skill performs standard file management operations within a local application data directory (~/.smtm/projects/).
- [PROMPT_INJECTION]: The skill facilitates 'Indirect Prompt Injection' by design, as its core purpose is to store user-provided observations that influence the behavior of other skills in future sessions. This is a functional feature for persistent memory rather than a security vulnerability.
- Ingestion points: The skill reads data from ~/.smtm/projects/{slug}/learnings.jsonl (SKILL.md) and accepts user input via the add command.
- Boundary markers: No explicit boundary markers or isolation instructions are defined for the injected learning content.
- Capability inventory: The skill instructions involve reading and writing to local files in a project-specific directory (SKILL.md).
- Sanitization: The skill implements basic error handling for JSONL formatting but does not include sanitization for instructions embedded within the natural language patterns it stores.
Audit Metadata