agentos-api-sessions
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: No prompt injection attempts or bypass instructions were detected in the skill body or metadata.
- [DATA_EXFILTRATION]: The skill interacts with the AgentOS API for session management. It does not attempt to access sensitive local files or exfiltrate data to unauthorized domains.
- [REMOTE_CODE_EXECUTION]: No remote code execution patterns or unsafe downloads from untrusted sources were found.
- [COMMAND_EXECUTION]: The skill provides a Python script (
scripts/manage_sessions.py) used for session management. The script uses standard arguments and performs network operations via theagnolibrary to the specified base URL. - [CREDENTIALS_UNSAFE]: No hardcoded API keys, tokens, or other sensitive credentials were found. The skill documentation correctly avoids embedding secrets.
- [INDIRECT_PROMPT_INJECTION]: While the skill retrieves and displays conversation history from sessions, it does not process this untrusted data in a way that leads to execution or prompt interpolation. It primarily prints the data to the console for inspection purposes.
Audit Metadata