@3182/ai-learning-coach
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill provides a specific JavaScript snippet in the 'Tracker JSON' section and instructs users to paste this code into their browser console. Encouraging users to execute arbitrary JavaScript in their browser (Self-XSS) is a security anti-pattern that can be exploited by attackers if users become accustomed to this behavior.
- [EXTERNAL_DOWNLOADS]: The skill references external URLs for project tracking and source code access, specifically
community.iamstarchild.comand a GitHub repository under theStarchild-ai-agentorganization. These links are used to facilitate the intended learning roadmap functionality and point to the author's own infrastructure.
Audit Metadata