archive-conversation
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [NO_CODE] (SAFE): The skill is composed entirely of markdown instructions. It does not include any scripts, binaries, or external dependencies.
- [PROMPT_INJECTION] (LOW): The skill is vulnerable to indirect prompt injection because it processes untrusted data (the AI conversation history) to generate output and determine file system paths.
- Ingestion points: The 'entire conversation' as specified in the 'Deep Analysis Requirements' section of
SKILL.md. - Boundary markers: Absent; there are no instructions to use delimiters or ignore instructions embedded within the conversation text.
- Capability inventory: File system write access (implied by the requirement to save summaries to specific locations).
- Sanitization: Absent; no logic is provided to sanitize the conversation content or the 'save-location' argument before processing.
Audit Metadata