AgentDB Learning Plugins

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructions direct the user to run npx agentdb@latest. This command fetches the agentdb package from the NPM registry at runtime.
  • [REMOTE_CODE_EXECUTION]: Use of npx agentdb@latest results in the execution of binaries downloaded from a remote repository. The package is unversioned (using the latest tag), which increases the risk of executing breaking changes or malicious updates from the package registry.
  • [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface by ingesting experience data into a reasoning system through adapter.insertPattern and adapter.retrieveWithReasoning.
  • Ingestion points: Untrusted experience data is stored via adapter.insertPattern in the SKILL.md examples.
  • Boundary markers: The provided code examples do not demonstrate the use of delimiters or warnings to prevent the agent from following instructions embedded within the training patterns.
  • Capability inventory: The skill interacts with the local file system to store the database (.agentdb/learning.db) and executes CLI tools via npx.
  • Sanitization: There is no evidence of sanitization or validation of the pattern_data field before it is processed by the reasoning engine, potentially allowing malicious payloads to influence agent outputs.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 2, 2026, 07:18 AM
Security Audit — agent-trust-hub — AgentDB Learning Plugins