learn
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill is designed to capture user-provided 'learnings' and store them in
CLAUDE.md, which often serves as a set of persistent instructions for AI agents. - Ingestion points: Processes user-reported insights, 'gotchas', and architectural decisions as the source for documentation updates.
- Boundary markers: Uses structured Markdown templates with specific sections and code blocks, which help delineate content but do not strictly prevent instruction injection.
- Capability inventory: The skill focus is on text processing and formatting; it does not contain subprocess execution, network operations, or file system modifications beyond the intended documentation updates.
- Sanitization: Lacks explicit validation or sanitization of user-provided insights before proposing them for integration into the project's instruction set.
Audit Metadata