learn-rule

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFE
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill creates a persistent memory of rules which influences future agent behavior. While this is an attack surface for indirect prompt injection (where a user or a third party could attempt to poison the agent's 'learned' instructions), the skill explicitly requires a human-in-the-loop approval step ('Propose the addition and wait for user approval') before any rule is persisted. This significantly mitigates the risk of accidental or malicious behavioral overrides.
  • [COMMAND_EXECUTION]: The skill describes persisting rules to a 'LEARNED' section or project memory. While this implies file modification or storage updates, it operates within the agent's existing memory management framework and does not invoke arbitrary shell commands.
  • [DATA_EXPOSURE]: No hardcoded credentials, sensitive file paths, or external network operations were detected in the skill instructions.
Audit Metadata
Risk Level: SAFE
Analyzed: May 12, 2026, 12:22 PM