session-replay

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFE
Flags: DATA_EXFILTRATION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: Accesses the ~/.claude/projects/ directory to discover and read session JSONL files. These files contain sensitive information, including the history of user prompts and AI responses.
  • [COMMAND_EXECUTION]: Dynamically generates VHS configuration scripts (.tape files) based on the content of session logs and executes them using the scry:vhs-recording skill. This pattern of script generation from data represents a potential execution vector.
  • [PROMPT_INJECTION]: Vulnerable to indirect prompt injection through processed session data.
  • Ingestion points: Reads local session history files via scribe.session_parser (SKILL.md).
  • Boundary markers: No explicit boundary markers or instruction-ignoring delimiters are mentioned for the session content.
  • Capability inventory: Includes the ability to write files (Write), run shell commands (Bash), and call other skills (Skill).
  • Sanitization: The error handling section acknowledges potential 'string escaping bugs' when generating tapes, indicating that malicious content within session logs might not be safely neutralized.
  • [EXTERNAL_DOWNLOADS]: Recommends installing the vhs utility from Charmbracelet's official GitHub repository (github.com/charmbracelet/vhs) as a prerequisite for GIF rendering.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 13, 2026, 11:26 PM