session-mesh
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill documentation provides examples of usage for a command-line interface named session-mesh. This tool includes functionality for listing active sessions, steering agent directions, and terminating processes via a kill command.
- [EXTERNAL_DOWNLOADS]: The skill references external API endpoints at api.example.com to manage session data and registries. These interactions are standard for the skill's purpose and use placeholder domains.
- [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection, as it processes data from external sources that could influence agent behavior.
  1. Ingestion points: The skill reads data from API responses (GET /api/session-mesh/alive) and local YAML configuration files (load-config command).
  2. Boundary markers: There are no specific delimiters or instructions mentioned to isolate or ignore potentially malicious instructions embedded in the external data.
  3. Capability inventory: The skill possesses impactful capabilities including agent termination (kill) and direction steering (steer).
  4. Sanitization: No evidence of input validation or sanitization of ingested content is present in the provided documentation.
Audit Metadata