teach-me
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses
openorxdg-opento display generated HTML lessons to the user. This is a standard method for presenting rich content and does not involve high-privilege operations. - [DATA_EXPOSURE]: The skill reads and writes to several files in the current workspace (
MISSION.md,GLOSSARY.md,RESOURCES.md, etc.) to maintain state across sessions. This is the intended behavior for a stateful teaching tool. - [PROMPT_INJECTION]: There is a potential surface for indirect prompt injection as the agent is instructed to read instructions and state from workspace files (
MISSION.md,NOTES.md,learning-records/) to determine its behavior. If an attacker provides these files, they could influence the agent's teaching logic. However, the skill explicitly mandates grounding lessons in a curatedRESOURCES.mdfile to mitigate reliance on untrusted or parametric knowledge.
Audit Metadata