learning-analyzer
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection during the analysis phase.
- Ingestion points: Data retrieved from Supabase views (e.g.,
v_common_patterns,v_feedback_summary) is interpolated directly into the AI analysis prompt via the{query_results}placeholder. - Boundary markers: The prompt template does not utilize clear delimiters or instructions to distinguish between the analysis instructions and the untrusted data being analyzed.
- Capability inventory: While the analysis skill primarily outputs a report, it integrates with a 'Self-Improve' workflow (
/learn:apply --auto) that suggests the agent may have the capability to modify configurations or rules based on the analysis output. - Sanitization: There is no evidence of sanitization or validation of the data retrieved from the database before it is processed by the LLM.
Audit Metadata