conversation-analyzer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEDATA_EXFILTRATIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION] (LOW): The skill accesses the sensitive file
~/.claude/history.jsonlwhich contains private conversation history. This finding is downgraded to LOW because accessing this file is the stated primary purpose of the skill. - [COMMAND_EXECUTION] (LOW): The skill executes a local Python script
analyze_history.pyvia bash to process data. This is an expected behavior for a tool-based skill. - [PROMPT_INJECTION] (LOW): The skill is vulnerable to Indirect Prompt Injection because it ingests untrusted data from previous conversation logs. Ingestion points:
~/.claude/history.jsonl. Boundary markers: None mentioned. Capability inventory: Bash execution and file-write. Sanitization: None described for the parsing logic.
Audit Metadata