tech-learner
Warn
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: MEDIUM
Findings: PROMPT_INJECTION, DATA_EXFILTRATION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION] (MEDIUM): The skill uses WebSearch and WebFetch to process untrusted content from the internet without boundary markers or sanitization, making it vulnerable to indirect prompt injection. Evidence: ingestion points in SKILL.md under Research; no boundary delimiters specified; the skill can read and write local state files.
- [DATA_EXFILTRATION] (LOW): Persistent storage of user profile and learning progress in the home directory creates a target for data exposure if the agent is compromised via prompt injection.
- [COMMAND_EXECUTION] (LOW): The use of user-provided topics to construct file paths for state storage (~/.claude/learning/{topic-slug}.jsonc) introduces a potential path traversal vulnerability if the agent fails to properly sanitize the input.