Skills
skills/flonat/claude-research/session-recap/Gen Agent Trust Hub

session-recap

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill scans project documentation and session history to generate recaps and memory updates, which creates a surface for indirect prompt injection.
  • Ingestion points: Processes CLAUDE.md, README.md, MEMORY.md, and session history content.
  • Boundary markers: The protocol does not specify the use of delimiters or 'ignore embedded instructions' warnings when summarizing these files.
  • Capability inventory: Includes the ability to write to multiple file paths, call other skills, and perform git push operations.
  • Sanitization: No explicit sanitization or filtering of external file content is described before processing.
  • [COMMAND_EXECUTION]: The skill uses local git commands (status, diff, rev-parse, remote) to inspect repository state. Actions that modify the repository (commit and push) are user-confirmed through multi-select prompts.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 4, 2026, 07:17 PM