session-management
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): The instructions do not contain patterns designed to bypass safety filters or override core agent behavior.
- Data Exposure & Exfiltration (SAFE): No evidence of sensitive credential exposure or unauthorized network communication. Data operations are confined to session persistence via MCP tools.
- Indirect Prompt Injection (SAFE): While the skill ingests project data and checkpoints (ingestion: references/load.md, references/reflect.md), it does so as part of its primary function. Capabilities are limited to session management (capability: Write, Codanna memory tools), and no exploitable paths were found despite the absence of explicit boundary markers or sanitization.
- Unverifiable Dependencies (SAFE): References to 'Codanna MCP' appear to be platform-specific internal tools rather than untrusted third-party dependencies.
Audit Metadata