learner
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to persist data by writing markdown files to specific directory paths such as
.omc/skills/and~/.claude/skills/. This is a routine operation for a configuration management skill. - [INDIRECT_PROMPT_INJECTION]: The skill creates a surface where untrusted data from a conversation can be converted into persistent instructions for future agent sessions.
- Ingestion points: Conversation history, including error messages and debug output (SKILL.md, Step 1).
- Boundary markers: The skill requires the use of YAML frontmatter templates for the generated files but does not explicitly specify sanitization for the body content.
- Capability inventory: File writing capabilities to project and user configuration directories.
- Sanitization: Step 2 includes quality validation checks focused on utility and specificity, although it does not explicitly screen for malicious instructional content.
- [DYNAMIC_EXECUTION]: The skill implements logic to generate and store new instructions (skills) using a predefined markdown template. This is consistent with the skill's stated purpose of self-improvement and learning.
Audit Metadata