gait-session-tracking
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONNO_CODE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell commands to execute a Python script defined by the
$GAIT_MCP_SCRIPTenvironment variable via an$MCP_CALLwrapper. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through the
gait_record_turntool. - Ingestion points: Data enters the system through the
promptandresponsefields in thegait_record_turntool call (SKILL.md). - Boundary markers: There are no specific delimiters or instructions to ignore embedded commands within the recorded data.
- Capability inventory: The skill possesses the capability to execute subprocesses (python3) and manage a local Git repository.
- Sanitization: No explicit sanitization or filtering of the ingested turn data is performed before storage.
- [NO_CODE]: The skill contains no executable code or scripts of its own, relying entirely on the host environment's configuration and pre-existing scripts.
Audit Metadata