skills/tstelzer/skills/learning/Gen Agent Trust Hub

learning

Pass

Audited by Gen Agent Trust Hub on Apr 23, 2026

Risk Level: SAFE
Finding category: PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill creates a vulnerability to indirect prompt injection by maintaining persistent instructions in ~/.agents/memory.md that influence future agent behavior.
  • Ingestion points: The agent is instructed to read ~/.agents/memory.md at the start of every task autonomously.
  • Boundary markers: There are no explicit delimiters or instructions provided to the agent to treat the memory content as untrusted data or to ignore embedded instructions.
  • Capability inventory: The skill directs the agent to modify its behavior based on the statement and effect fields of the stored memory entries, which can be exploited to override safety guidelines or standard operations.
  • Sanitization: The instructions lack any requirement for sanitizing, escaping, or validating the content of the memory entries before they are incorporated into the agent's active context.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 23, 2026, 09:28 AM