visualize-conversation
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses
node ./scripts/visualize.jsto process data, generate diagrams, and delete session files. These commands are executed locally using the vendor's provided scripts. - [DATA_EXFILTRATION]: The skill accesses sensitive user data, including conversation history and tool outputs, stored in
.copilot-conversation/data/. This access is intended for its visualization purpose, and no external exfiltration or network communication was detected. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from session logs (
history-*.json,tools-*.json) which may contain malicious instructions designed to influence the visualization or downstream agent behavior. - Ingestion points: File reads from
.copilot-conversation/data/(SKILL.md). - Boundary markers: None identified in the skill instructions.
- Capability inventory: File read, file write, file deletion, and local Node.js script execution (SKILL.md).
- Sanitization: No sanitization of conversation content or tool output is mentioned prior to processing for visualization.
Audit Metadata