ship-learn-next

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits vulnerability to indirect prompt injection as it is designed to ingest and process untrusted external data (transcripts, articles, tutorials) provided by users.
    • Ingestion points: The Read tool is used to access content from a user-specified FILE_PATH.
    • Boundary markers: There are no instructions to use delimiters or ignore potential commands within the external content during the analysis phase.
    • Capability inventory: The skill possesses Read and Write tool permissions, allowing it to access local files and create new ones.
    • Sanitization: No validation or sanitization of the input file's content is implemented before processing by the LLM.
  • [COMMAND_EXECUTION]: The skill requests a file path from the user and uses a shell-like representation (FILE_PATH="/path/to/content.txt") to define input. While the tools are restricted to Read and Write, an agent following these instructions might be manipulated into reading sensitive system files (e.g., configuration or credential files) if a malicious path is provided.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 1, 2026, 04:56 AM