diff --git a/telegram/bot.py b/telegram/bot.py
index c91160a..0a34dad 100644
--- a/telegram/bot.py
+++ b/telegram/bot.py
@@ -202,9 +202,10 @@ def _git_commit_archive(archive_path, filename: str):
 
 
 def _load_learnings() -> str:
-    """Load Rio's learnings file for prompt injection."""
+    """Load Rio's learnings file for prompt injection. Sanitized (Ganymede: prompt injection risk)."""
     try:
-        return Path(LEARNINGS_FILE).read_text()[:3000]  # Cap at 3K chars for prompt budget
+        raw = Path(LEARNINGS_FILE).read_text()[:3000]
+        return sanitize_message(raw)  # Same sanitization as user messages
     except Exception:
         return ""