Skills
skills/alexmikhalev/claude-code-continuous-learning-skill/continuous-learning/Gen Agent Trust Hub

continuous-learning

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The continuous-learning-activator.sh script is designed to be injected into every user prompt using high-priority language such as "CRITICAL" and "MANDATORY" to force the agent to perform knowledge evaluation.
  • [COMMAND_EXECUTION]: The skill requires manual shell command execution for installation and uses a bash script for its auto-activation hook.
  • [EXTERNAL_DOWNLOADS]: The repository is cloned from an untrusted GitHub account (blader) which does not match the author's vendor profile.
  • [REMOTE_CODE_EXECUTION]: The skill dynamically generates and stores SKILL.md files which act as new executable instructions for the agent. This process lacks automated sanitization or boundary markers to prevent untrusted session data from being codified into the permanent skill library.
  • [DATA_EXFILTRATION]: The skill has permissions to read conversation context and write to the filesystem while also possessing network access through web searching tools, creating a potential path for data harvesting if the agent processes malicious input.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 16, 2026, 11:34 PM