Skills
skills/gupsammy/claudest/extract-learnings/Gen Agent Trust Hub

extract-learnings

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to perform filesystem searches with find, retrieve repository history with git, and execute python3 for database interactions.
  • [DATA_EXFILTRATION]: The skill reads from sensitive local paths including the global agent preferences file (~/.claude/CLAUDE.md) and the session history database (~/.claude-memory/conversations.db). These operations are local and support the skill's primary function of memory management.
  • [PROMPT_INJECTION]: The skill ingests external data from git log and conversation history, which is then interpolated into prompts for sub-agents; this creates an indirect prompt injection surface that the skill manages through content quality rules and mandatory user approval steps.
  • [DYNAMIC_EXECUTION]: The skill generates and executes Python code at runtime to interact with local SQLite databases for historical data retrieval.
Audit Metadata
Risk Level
SAFE
Analyzed
May 15, 2026, 01:18 PM
Security Audit — agent-trust-hub — extract-learnings