ship-learn-next
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes untrusted data from external sources (transcripts, articles) to generate plans and perform file operations.
- Ingestion points: Untrusted content is ingested using the Read tool from user-provided file paths.
- Boundary markers: There are no boundary markers or instructions to ignore instructions found within the input content.
- Capability inventory: The skill uses the Read and Write tools to interact with the file system.
- Sanitization: Input content and resulting filenames are not sanitized or validated before being used in file writing operations.
Audit Metadata