learn
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill's intended purpose is to research topics online and process external web resources. This introduces a surface for indirect prompt injection, where malicious instructions embedded in third-party websites could influence the agent's behavior during the data gathering or guide creation phases.
- Ingestion points: Online resources and web content (as described in the skill's purpose).
- Boundary markers: Absent; the skill does not define specific delimiters or instructions to ignore embedded commands in the source material.
- Capability inventory: The skill is designed to perform research, generate learning guides, and create RAG-optimized indexes.
- Sanitization: No evidence of input validation, sanitization, or content filtering is provided in the skill manifest.
- [NO_CODE]: The skill consists solely of a manifest file with YAML frontmatter and a brief natural language description. It lacks executable scripts, implementation logic, or detailed system prompts.
Audit Metadata