problem-statement
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized data access attempts were detected in the skill instructions.
- [DATA_EXPOSURE]: The skill uses a local directory (
.oh/) to persist session context between different agent tasks. This is a legitimate functional requirement for maintaining state and does not target sensitive system files or credentials. - [INDIRECT_PROMPT_INJECTION]: The skill ingests data from local session files (
.oh/<session>.md). While this presents a surface for indirect prompt injection if the files contain untrusted content, the skill lacks sensitive capabilities such as network access or arbitrary command execution, which significantly limits any potential risk.
Audit Metadata