learn

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFE | PROMPT_INJECTION | NO_CODE
Full Analysis
  • [PROMPT_INJECTION]: The skill is designed to ingest and process untrusted information from external web sources and local files, which is a known vector for indirect prompt injection.
      • Ingestion points: The procedure uses WebFetch and WebSearch to gather data from the internet and Read to explore codebases in Step 1 (Survey) and Step 3 (Explore).
      • Boundary markers: The skill lacks specific instructions to treat external data as untrusted or to disregard commands found within analyzed materials.
      • Capability inventory: The agent can read files, search the web, and write to local state files like MEMORY.md to consolidate findings.
      • Sanitization: No validation or filtering is applied to the retrieved content before it is integrated into the agent's mental model.
  • [NO_CODE]: The skill consists entirely of natural language instructions and metadata, with no executable scripts or external code dependencies provided.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 27, 2026, 10:51 PM