session-management
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill defines a system for tracking session state, decisions, and code landmarks using markdown files in a local directory.
- [PROMPT_INJECTION]: The skill includes directives for agent behavior (e.g., 'Claude must', 'IMPORTANT') to ensure adherence to context-saving rules. These instructions are functionally aligned with the skill's purpose and do not attempt to bypass safety constraints.
- [PROMPT_INJECTION]: The skill establishes a workflow where the AI agent reads project files to resume context, presenting a surface for indirect instructions. Ingestion points: _project_specs/session/ directory files. Boundary markers: Absent (uses standard markdown). Capability inventory: File read and write operations. Sanitization: Absent.
- [SAFE]: The shell aliases provided in the documentation are local environment configurations intended for user interaction and do not involve remote code execution or data exfiltration.
Audit Metadata