my-session-wrap

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes standard local git commands (git status, git diff, git add, git commit) for project state management. It also dynamically generates drafts for automation scripts or skills based on patterns found in the workspace. These actions are triggered after an explicit user confirmation step (AskUserQuestion), providing a human-in-the-loop security control.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests untrusted data from the local workspace to drive its analysis and documentation updates.
      • Ingestion points: The skill reads output from git diff, as well as the contents of CLAUDE.md, README.md, and other files within the workspace.
      • Boundary markers: No explicit delimiters or instructions to ignore embedded commands are used when passing workspace content to the analysis agents.
      • Capability inventory: The skill can perform file system writes (updating documentation), execute subprocesses (git), and create new executable scripts/skills.
      • Sanitization: There is no evidence of sanitization, filtering, or validation of the workspace data before it is processed by the AI agents.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 6, 2026, 03:23 PM