sharp-edges
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The primary function of the skill is to act as a living catalogue of known software bugs and their respective fixes. The provided scripts are scaffolds with no functional logic, and the content is aimed at improving code security and stability.\n- [PROMPT_INJECTION]: The skill implements a 'Memory Protocol' that instructs the agent to read from and write to
.claude/context/memory/learnings.md. This mechanism for persistent state creates a surface for indirect prompt injection if an attacker can influence the contents of the memory file.\n - Ingestion points:
.claude/context/memory/learnings.md(accessed via instructions in SKILL.md).\n - Boundary markers: No specific delimiters or safety warnings for the stored content are defined.\n
- Capability inventory: Metadata indicates the skill is intended to work with
Bash,Read, andWritetools.\n - Sanitization: No logic for sanitizing or validating the data stored in the memory files is present.
Audit Metadata