self-improvement
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to periodically inject reminders and historical learnings into the agent's context. This intentionally creates an indirect prompt injection surface where content from workspace files like
.learnings/LEARNINGS.mdorAGENTS.mdis processed as instructional data. This is mitigated by the use of distinct XML-style boundary markers and its status as a trusted productivity tool. - [COMMAND_EXECUTION]: The skill contains local Bash scripts (
scripts/extract-skill.sh) used for generating new skill scaffolds. The script correctly implements security best practices by validating user-provided skill names against a strict alphanumeric regex (^[a-z0-9]+(-[a-z0-9]+)*$) before performing file system operations, effectively preventing path traversal and command injection. - [EXTERNAL_DOWNLOADS]: The documentation references installation commands using
git cloneandclawdhubtargeting the author's own GitHub repositories (peterskoett). These references are consistent with the skill's intended deployment model and originate from the verified vendor.
Audit Metadata