Skills
skills/melodic-software/claude-code-plugins/ea-learning/Gen Agent Trust Hub

ea-learning

Pass

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: LOW
Full Analysis
  • [SAFE] (SAFE): No malicious patterns detected. The skill's primary function is providing information on architectural frameworks.
  • [DATA_EXPOSURE] (INFO): The skill utilizes Read, Glob, and Grep tools to search the local workspace for architecture documentation.
  • Evidence: The 'Connecting to Your Codebase' section explicitly describes searching for existing documentation and code patterns.
  • Risk Mitigation: Since the skill lacks network access (allowed-tools does not include curl or similar) and writing capabilities, the risk of data exfiltration or unauthorized modification is negligible.
  • [INDIRECT_PROMPT_INJECTION] (INFO): The skill processes untrusted data from the local codebase (architecture files, code patterns).
  • Ingestion points: Workspace files read via Read/Grep tools.
  • Boundary markers: None specified in the prompt instructions.
  • Capability inventory: Limited to read-only operations (Read, Glob, Grep). No command execution, file writing, or network operations are permitted.
  • Sanitization: Not explicitly mentioned, but the lack of active capabilities reduces the threat tier to INFO.
Audit Metadata
Risk Level
LOW
Analyzed
Feb 16, 2026, 04:28 AM