cogworks-learn

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides a validation script (scripts/validate-skill.sh) that uses shell commands and a Python subprocess to verify the integrity and metadata of skill files. This is a functional component for quality assurance.
  • [COMMAND_EXECUTION]: An installation helper script (scripts/install-to-agents.sh) is provided to register skills with the local environment using the npx skills add command.
  • [INDIRECT_PROMPT_INJECTION]: The skill is designed to process external source material for skill generation, which creates an indirect prompt injection surface. The instructions explicitly mitigate this by directing the agent to treat all imported source text as untrusted input.
      • Ingestion points: Imported source text used as design input for skill generation (SKILL.md).
      • Boundary markers: Explicit instruction to treat imported source text as untrusted unless marked otherwise (SKILL.md).
      • Capability inventory: Subprocess execution (scripts/validate-skill.sh) and package management commands (scripts/install-to-agents.sh).
      • Sanitization: Directive to treat imported content as untrusted so that it cannot widen tool authority or alter runtime behavior.
  • [SAFE]: No evidence of data exfiltration, obfuscation, or unauthorized access to sensitive system resources was found.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 12, 2026, 09:29 AM