continuous-learning-v2
Instinct-based learning system that observes sessions via hooks, creates atomic instincts with confidence scoring, and evolves them into skills/commands/agents. v2.1 adds project-scoped instincts to prevent cross-project contamination.
29
22%
Does it follow best practices?
Impact
—
No eval scenarios have been run
Advisory
Suggest reviewing before use
Optimize this skill with Tessl
npx tessl skill review --optimize ./skills/continuous-learning-v2/SKILL.mdSecurity
2 findings — 2 medium severity. This skill can be installed but you should review these findings before use.
W011: Third-party content exposure detected (indirect prompt injection risk)
What this means
The skill exposes the agent to untrusted, user-generated content from public third-party sources, creating a risk of indirect prompt injection. This includes browsing arbitrary URLs, reading social media posts or forum comments, and analyzing content from unknown websites.
Why it was flagged
Third-party content exposure detected (high risk: 0.90). The skill includes an import flow that fetches arbitrary HTTP(S) URLs in scripts/instinct-cli.py (cmd_import uses urllib.request.urlopen to load remote content) and writes parsed "instinct" files into project/global instinct directories, so untrusted web-hosted content can be ingested and materially influence generated instincts, evolved skills, and agent behavior.
W012: Unverifiable external dependency detected (runtime URL that controls agent)
What this means
The skill fetches instructions or code from an external URL at runtime, and the fetched content directly controls the agent’s prompts or executes code. This dynamic dependency allows the external source to modify the agent’s behavior without any changes to the skill itself.
Why it was flagged
Potentially malicious external URL detected (high risk: 0.80). The scripts contain an import path in scripts/instinct-cli.py that fetches arbitrary http(s) URLs via urllib.request.urlopen (e.g., any https://... passed to "instinct-cli.py import") and then parses/writes those fetched files as "instinct" files which directly influence agent prompts/behavior at runtime, so remote URLs used here can control agent instructions.
- Repository
- affaan-m/everything-claude-code
- Commit
841beea
- Audited
- Security analysis
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.