learning-coach
Pass
Audited by Gen Agent Trust Hub on Jun 29, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted external data, including source code snippets and project files, to provide coaching and feedback.
- Ingestion points: The agent reads user-provided code, external resources listed in
RESOURCES.md, and project files within the learning workspace as described inSKILL.mdandWORKSPACE-FORMAT.md. - Boundary markers: The instructions do not define specific delimiters or instructions to ignore embedded commands for the agent when processing this external content.
- Capability inventory: The agent has the capability to write and update multiple files in the local workspace, which could allow injected instructions to persist in the learning state (e.g., in
STUDY-PLAN.mdorlessons/). - Sanitization: There are no explicit sanitization steps defined for handling external inputs before they are incorporated into the agent's logic or workspace files.
Audit Metadata