update-claude-learnings

Pass

Audited by Gen Agent Trust Hub on Jun 22, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill follows an established pattern for capturing project-specific behavioral learnings with clear instructions for validation and verification.
  • [PROMPT_INJECTION]: The skill ingests data from the current conversation and session history to extract rules, which constitutes an indirect prompt injection surface. This surface is well-managed through specific security controls.
  • Ingestion points: The skill analyzes the current conversation/session history for patterns (SKILL.md).
  • Boundary markers: A mandatory user confirmation gate using AskUserQuestion is enforced before any file writes can proceed (SKILL.md).
  • Capability inventory: The skill has the capability to read and write the CLAUDE.md file at the project root (SKILL.md).
  • Sanitization: The skill implements a manual verification protocol where the agent must check for duplicates, verify the scope, and confirm the accuracy of the learning with the user before execution.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 22, 2026, 02:23 PM
Security Audit — agent-trust-hub — update-claude-learnings