build-session-context
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes untrusted data from multiple project documentation files, which could contain malicious instructions designed to influence the agent's next steps.
- Ingestion points: Reads CLAUDE.md, TASK_BOARD.md, MIGRATION_LOG.md, DEBUG_LOG.md, GIT_LOG.md, SKILLS_LOG.md, and git status output.
- Boundary markers: Absent; the workflow does not instruct the agent to use delimiters or ignore instructions within the source files.
- Capability inventory: Read-only access to local workspace files and execution of basic system commands like git and grep.
- Sanitization: Absent; the content is summarized and used to suggest the next sequence of actions without validation.
Audit Metadata