long-agent
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- COMMAND_EXECUTION (SAFE): The skill uses local shell commands (mkdir, cat, grep, git) to manage session state and query project status. All execution is local and serves the primary purpose of session tracking.
- PROMPT_INJECTION (SAFE): The skill includes an indirect prompt injection surface where it reads session logs and git history into a prompt for the gemini CLI.
- Ingestion points: reads from ~/.claude/sessions/ and git log output.
- Boundary markers: No explicit delimiters are used in the shell command interpolating the log content.
- Capability inventory: The content is passed to an LLM for summarization.
- Sanitization: None provided.
- Assessment: While this creates an indirect injection surface if an attacker can influence git logs or session files, it is inherent to the skill's purpose of activity summarization and does not warrant a higher severity.
Audit Metadata