Skills
skills/oimiragieo/agent-studio/session-transcript-analyzer/Gen Agent Trust Hub

session-transcript-analyzer

Pass

Audited by Gen Agent Trust Hub on Mar 22, 2026

Risk Level: SAFEDATA_EXFILTRATIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill accesses sensitive directories in the user's home folder to read session history and debug information.
  • Evidence: The skill explicitly targets ~/.claude/projects/ for JSONL transcripts and ~/.claude/debug/ for text-based debug logs to perform its analysis.
  • [COMMAND_EXECUTION]: The wrapper script scripts/main.cjs executes an external Node.js process using a path that resolves outside of the skill's own directory structure.
  • Evidence: Uses spawnSync to run a script at ../../../../scripts/analyze-session-transcript.mjs, creating a dependency on the host environment's file structure.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from session transcripts that could contain malicious instructions.
  • Ingestion points: Reads .jsonl transcripts and .txt debug logs from ~/.claude/ (SKILL.md).
  • Boundary markers: None; the skill reads file content line-by-line and parses it without using delimiters or instructions to the LLM to ignore embedded commands.
  • Capability inventory: The skill is configured with Read, Write, and Bash tools (SKILL.md).
  • Sanitization: No sanitization or filtering of the transcript content is performed beyond truncating failure messages for display in the final report.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 22, 2026, 04:50 PM