learning-coach

Pass

Audited by Gen Agent Trust Hub on Jun 29, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted external data, including source code snippets and project files, to provide coaching and feedback.
  • Ingestion points: The agent reads user-provided code, external resources listed in RESOURCES.md, and project files within the learning workspace as described in SKILL.md and WORKSPACE-FORMAT.md.
  • Boundary markers: The instructions do not define specific delimiters or instructions to ignore embedded commands for the agent when processing this external content.
  • Capability inventory: The agent has the capability to write and update multiple files in the local workspace, which could allow injected instructions to persist in the learning state (e.g., in STUDY-PLAN.md or lessons/).
  • Sanitization: There are no explicit sanitization steps defined for handling external inputs before they are incorporated into the agent's logic or workspace files.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 29, 2026, 04:45 PM
Security Audit — agent-trust-hub — learning-coach