save-conversation
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Bash tool to check for a configuration file ('.conversation-config') and to create storage directories ('mkdir -p'). These commands are standard for local file management and align with the skill's primary purpose.
- [PROMPT_INJECTION]: The skill's workflow involves analyzing the current conversation history to generate summaries, which creates an indirect prompt injection surface. Ingestion points: Step 4 'Analyze Conversation' reviews the current conversation text. Boundary markers: None explicitly defined to separate untrusted user content from the agent's extraction logic. Capability inventory: The skill uses the 'Bash' and 'Write' tools to interact with the local filesystem. Sanitization: The skill does not explicitly describe any escaping or filtering of the conversation content before processing.
Audit Metadata