session-control
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill is designed to use the Bash tool to run the script './scripts/session-control.sh' with arguments interpolated from workflow variables.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting untrusted workflow variables into shell commands. * Ingestion points: Workflow variables 'resume_session_id', 'fork_session_id', and 'fork_reason' in 'references/session-control.md'. * Boundary markers: None mentioned for the interpolation process. * Capability inventory: Uses Bash tool to execute shell scripts and Write/Edit tools to modify session state files. * Sanitization: Documentation does not specify any sanitization or escaping logic for variables like 'fork_reason' when used in the shell command line.
Audit Metadata