Skills
skills/ai-native-camp/camp-2/session-analyzer/Gen Agent Trust Hub

session-analyzer

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFEDATA_EXFILTRATIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill is designed to read sensitive session information from the ~/.claude/ directory, including debug logs (debug/{sessionId}.txt) and project logs (projects/*.jsonl). These files contain a full history of user interactions and tool outputs. Access to this data is a requirement for the skill's stated purpose of session analysis.
  • [COMMAND_EXECUTION]: The skill executes local bash scripts (find-session-files.sh, extract-hook-events.sh, and extract-subagent-calls.sh) to search and parse log files. These scripts utilize standard utilities such as grep, sed, and find to extract session metadata and execution traces.
  • [PROMPT_INJECTION]: An indirect prompt injection vulnerability surface exists as the skill processes logs that may contain untrusted data from previous session tool outputs. Ingestion points: session and debug logs in ~/.claude/. Boundary markers: absent; log content is extracted and interpolated into reports without protective delimiters. Capability inventory: local shell script execution and model-based analysis of the resulting report. Sanitization: absent; log content is not sanitized or validated before processing or inclusion in the report.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 4, 2026, 11:03 AM