history
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [DATA_EXFILTRATION]: The skill is designed to read the local file system to access Claude conversation history from a specific path (C:/Users/carsten.jorgensen/.claude/history.jsonl). While this is the intended primary purpose of the skill, it involves accessing potentially sensitive interaction data.
- [PROMPT_INJECTION]: The skill processes untrusted data from the conversation history file, creating a surface for indirect prompt injection if past conversations contained malicious instructions.
- Ingestion points: SKILL.md (reads history.jsonl)
- Boundary markers: Absent
- Capability inventory: No high-risk capabilities such as network operations, file writing, or command execution were detected in the skill scripts.
- Sanitization: Absent; the skill directly formats and displays content found in the history file.
Audit Metadata