project-session-management

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION] (LOW): The skill instructs the agent to automate git operations, including git commit and git push via the /wrap-session command. While these are essential for the workflow, they represent a capability that could be misused if the agent is misled by malicious project content.
  • [PROMPT_INJECTION] (LOW): The skill is susceptible to Indirect Prompt Injection (Category 8) because it processes untrusted project data to determine its next actions.
      • Ingestion points: The agent reads IMPLEMENTATION_PHASES.md, SESSION.md, and ARCHITECTURE.md to restore context and determine the "Next Action".
      • Boundary markers: No explicit delimiters or instructions are provided to the agent to ignore potential embedded commands within these planning documents.
      • Capability inventory: The skill has the capability to write files, read files, and execute git commands (commit/push).
      • Sanitization: There is no evidence of sanitization or validation of the content read from the project files before it is used to influence the agent's logic.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 06:29 PM