teach-me

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses open or xdg-open to display generated HTML lessons to the user. This is a standard method for presenting rich content and does not involve high-privilege operations.
  • [DATA_EXPOSURE]: The skill reads and writes to several files in the current workspace (MISSION.md, GLOSSARY.md, RESOURCES.md, etc.) to maintain state across sessions. This is the intended behavior for a stateful teaching tool.
  • [PROMPT_INJECTION]: There is a potential surface for indirect prompt injection as the agent is instructed to read instructions and state from workspace files (MISSION.md, NOTES.md, learning-records/) to determine its behavior. If an attacker provides these files, they could influence the agent's teaching logic. However, the skill explicitly mandates grounding lessons in a curated RESOURCES.md file to mitigate reliance on untrusted or parametric knowledge.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 03:22 AM
Security Audit — agent-trust-hub — teach-me