session-log
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes untrusted conversation history to generate documentation.
- Ingestion points: Processes the entire conversation history in SKILL.md.
- Boundary markers: No delimiters or instructions are provided to the agent to ignore embedded commands within the conversation history.
- Capability inventory: The skill is configured with high-privilege tool access including Bash, Read, Write, and Glob.
- Sanitization: No logic is defined to sanitize or escape extracted content before it is written to the vault or potentially processed by the agent.
Audit Metadata