use-session-data
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses `npx @alwaysmeticulous/cli` to identify and download session recordings. This is the primary mechanism for interacting with the Meticulous platform.
- [EXTERNAL_DOWNLOADS]: Fetches structured session data, including user interaction logs and network mocks, from the Meticulous service to the local `.meticulous/sessions/` directory.
- [CREDENTIALS_UNSAFE]: The skill downloads and instructs the agent to read files containing browser state information, specifically `storage/cookies.json`, `storage/local-storage.json`, and `storage/session-storage.json`. These files may contain sensitive session tokens or authentication data from the recorded sessions.
- [PROMPT_INJECTION]: Ingesting and analyzing external session data (user events, network requests, and storage) creates a surface for Indirect Prompt Injection. If a recorded session includes attacker-controlled content, it could contain instructions designed to manipulate the agent.
  - Ingestion points: Multiple JSON files in `.meticulous/sessions/`, including `user-events.json` and `network-requests/summary.json`.
  - Boundary markers: None identified. The agent is not instructed to use specific delimiters or to disregard potential instructions within the session data.
  - Capability inventory: The skill allows for command execution (`npx`) and file system navigation.
  - Sanitization: No explicit sanitization or validation of the downloaded JSON content is performed before the agent reads it.
Audit Metadata