session-review
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [DATA_EXPOSURE]: The skill identifies a workflow for writing retrospective data to a local file at .cursor/data/improvements-backlog.md. This operation is limited to the local project environment and does not involve exfiltration of sensitive files like SSH keys or environment secrets.
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted user input regarding work sessions and errors. While it lacks explicit boundary markers or sanitization, its capabilities are strictly restricted to local file writing with no associated network or code execution risks.
- [SAFE]: No indicators of malicious behavior, obfuscation, or unauthorized privilege escalation were found. The skill serves its stated purpose of improving workflow documentation.
Audit Metadata