ship-learn-next

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH (PROMPT_INJECTION)
Full Analysis
  • [PROMPT_INJECTION] (HIGH): The skill is vulnerable to indirect prompt injection because it processes untrusted external content and has write permissions.
      • Ingestion points: Step 1 directs the agent to use the Read tool on user-specified files, such as YouTube transcripts and articles, that may contain malicious content.
      • Boundary markers: Absent. There are no instructions or delimiters to isolate the external content or to prevent the agent from obeying instructions embedded within it.
      • Capability inventory: The skill is authorized to use the Write tool to save Markdown files to the local file system (Saving the Plan section).
      • Sanitization: Absent. No logic exists to validate or filter the ingested material before it influences the agent's logic or is written to disk.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 17, 2026, 12:23 AM