session-pretty-replay
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- Prompt Injection (LOW): The skill is vulnerable to indirect prompt injection via the consumption of untrusted session data.\n
- Ingestion points: Processes external JSON/JSONL files (e.g., chat.jsonl) containing conversation history.\n
- Boundary markers: Employs visual box separators but lacks semantic boundary instructions to ensure the agent treats the content as inert data and ignores embedded instructions.\n
- Capability inventory: Accesses the file system for reading logs and writing formatted output.\n
- Sanitization: No content filtering or sanitization of the processed log data is implemented in the instruction set.
Audit Metadata