english-learner
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill operates entirely on local data and configuration files within the user's home directory (~/.learnwy/english-learner/). All database operations use parameterized queries to prevent SQL injection, and the installation of IDE hooks is performed as documented through a dedicated CLI command. No network exfiltration or suspicious remote code execution was identified.
- [PROMPT_INJECTION]: The skill automatically processes user messages to provide language assistance, which constitutes an indirect prompt injection surface. This is the intended primary purpose of the skill and is managed within the agent's context. * Ingestion points: User messages are read through the UserPromptSubmit and Stop hooks in 'user-prompt-scan.ts' and 'stop-response-scan.ts'. * Boundary markers: None present. * Capability inventory: The skill provides a CLI for database access and hook management. * Sanitization: The skill filters for language ratios but does not perform security-specific sanitization on user input before agent processing.
Audit Metadata