whats-next
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill ingests data from external files, creating a potential vector for instructions hidden in user content to influence the agent. * Ingestion points:
.claude/learning-sessions/learning-plan.json,my-vault/02 Calendar/YYYY-MM-DD.md, andideas/ideas/*/README.md. * Boundary markers: Absent. There are no delimiters or instructions to ignore embedded commands within the read files. * Capability inventory:Read,Glob. The agent cannot write files, execute arbitrary commands, or access the network, which prevents exfiltration or persistence. * Sanitization: Absent. Data is processed as raw text for summarization and prioritization.
Audit Metadata