start
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local system commands including pwd, git, cat, and date to retrieve environment metadata. These commands are used solely for information gathering to populate the session header.- [DATA_EXFILTRATION]: The skill accesses the agent's global and local memory files located at ~/.claude/memory.md and .claude/memory.md. While these files contain record of previous interactions, they are accessed to establish context for the new development session and are not transmitted externally.- [PROMPT_INJECTION]: The skill reads and displays Git commit logs and branch names, which could potentially contain malicious instructions from an external source (indirect prompt injection). However, the risk is minimal as the content is treated as metadata for the current session.
Audit Metadata