ship-learn-next
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Prompt Injection (LOW): The skill is susceptible to indirect prompt injection because it reads external, untrusted content (transcripts and articles) without sanitization or clear boundary markers. This could allow malicious instructions within the source material to influence the generated plans. 1. Ingestion points: Read tool usage on user-provided file paths in SKILL.md. 2. Boundary markers: Absent. 3. Capability inventory: Read and Write tools. 4. Sanitization: Absent.
Audit Metadata