ship-learn-next
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill instructions do not contain any obfuscated code, hardcoded credentials, or unauthorized network operations. Its primary functionality is restricted to reading provided educational text and writing a markdown plan.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it ingests and processes untrusted external data such as YouTube transcripts and articles.
- Ingestion points: The skill uses the Read tool to access external content from file paths provided by the user (e.g., SKILL.md Step 1).
- Boundary markers: There are no explicit boundary markers or instructions to treat the processed content as data only, which could allow embedded instructions in the source text to influence the agent.
- Capability inventory: The skill has the capability to Read from and Write to the local file system.
- Sanitization: No specific sanitization or filtering is performed on the ingested content beyond extracting actionable lessons.
Audit Metadata