self-learning

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes shell commands including git log, git shortlog, git branch, ls, and cat to extract project metadata, tech stack information, and development history. These operations are scoped to local project analysis.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests and processes data from untrusted files in the codebase.
      • Ingestion points: Phase 2 (Project Structure Scan) and Phase 3 (Code Pattern Analysis) explicitly instruct the agent to read and extract facts from files like README.md, package.json, and source code files.
      • Boundary markers: Absent. There are no instructions provided to wrap file content in delimiters or to ignore embedded instructions found within those files.
      • Capability inventory: The agent has the capability to execute shell commands (Phase 4) and write to the file system (Phase 5).
      • Sanitization: Absent. The skill does not define any validation or filtering mechanisms for the content being read before it is used to build the project's mental model or written to memory files.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 2, 2026, 12:42 AM