@3182/ai-learning-coach

Pass

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides a specific JavaScript snippet in the 'Tracker JSON' section and instructs users to paste this code into their browser console. Encouraging users to execute arbitrary JavaScript in their browser (Self-XSS) is a security anti-pattern that can be exploited by attackers if users become accustomed to this behavior.
  • [EXTERNAL_DOWNLOADS]: The skill references external URLs for project tracking and source code access, specifically community.iamstarchild.com and a GitHub repository under the Starchild-ai-agent organization. These links are used to facilitate the intended learning roadmap functionality and point to the author's own infrastructure.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 17, 2026, 12:56 AM
Security Audit — agent-trust-hub — @3182/ai-learning-coach