context-status
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [DATA_EXPOSURE]: The skill reads from
~/.claude/sessions/*/context-monitor-cache.json, which contains internal session state. This access allows the agent to read information from multiple sessions stored in the user's home directory. This is consistent with the skill's primary purpose of reporting context usage. - [COMMAND_EXECUTION]: The skill executes shell commands
cat,ls, andheadto retrieve and format status information from the filesystem. - [INDIRECT_PROMPT_INJECTION]: The skill processes content from session logs and caches that could potentially contain untrusted instructions.
- Ingestion points: Session monitor cache JSON files (Step 1) and session log markdown files (Step 3).
- Boundary markers: Absent; the content is retrieved and displayed directly without delimiters or instruction-bypass warnings.
- Capability inventory: Limited to read-only shell commands (
cat,ls,head). The skill lacks network access, file-write capabilities, or administrative privileges. - Sanitization: No sanitization or escaping is performed on the file contents before they are displayed to the agent.
Audit Metadata