context-compressor
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues detected. The skill is designed to optimize conversation context and manage local agent memory within the workspace.
- [DATA_EXPOSURE]: The skill uses a memory protocol that reads from and writes to the
.claude/context/memory/directory. This is standard behavior for agent-based workflows to maintain state across sessions and does not involve exfiltration to external domains. - [COMMAND_EXECUTION]: The provided scripts (
main.cjs,pre-execute.cjs,post-execute.cjs) are limited to basic file system checks and status reporting. They do not execute arbitrary shell commands or spawn untrusted subprocesses. - [INDIRECT_PROMPT_INJECTION]: While the skill processes potentially untrusted data such as logs and documentation during compression, it lacks the dangerous capabilities (like
evalor remote network requests) required to exploit such an injection. The instructions focus on summarization and preservation of critical information.
Audit Metadata