learn
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill defines an ingestion surface for untrusted data by taking user-provided 'Insights' and 'Supporting evidence' and processing them into a structured knowledge base.
  - Ingestion points: User input fields defined in SKILL.md ('Insight or learning', 'Supporting evidence').
  - Boundary markers: None present in the instructions to separate user data from system commands.
  - Capability inventory: Subprocess calls to `intelligence-graph.py` within SKILL.md.
  - Sanitization: No sanitization or escaping of the input strings is specified before processing.
- [COMMAND_EXECUTION]: The process involves calling a local script, `intelligence-graph.py`, with arguments constructed from user-supplied data. This pattern introduces a potential for command injection if the execution environment does not properly escape shell characters.