session-logs
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [Data Exposure] (LOW): The skill accesses historical conversation logs located in ~/.otto/agents//sessions/. While this involves reading sensitive chat history, the behavior is local to the agent's environment and no external exfiltration was detected.
- [Command Execution] (LOW): The skill provides bash command templates using jq and rg to process data. These are standard utility calls for the stated purpose of log analysis.
- [Indirect Prompt Injection] (LOW): The skill ingests untrusted data from previous conversations. 1. Ingestion points: Historical session files in ~/.otto/agents//sessions/*.jsonl. 2. Boundary markers: Absent. 3. Capability inventory: Shell command execution (bash, jq, rg). 4. Sanitization: None; relies on jq for structure extraction.
Audit Metadata