session-replay
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is designed for local analysis of trace files stored in the
.claude-trace/directory. It uses standard Python libraries (json, pathlib) to parse metrics and does not attempt to access sensitive system files or credentials. - [PROMPT_INJECTION]: The skill has an inherent surface for indirect prompt injection as it processes external trace logs containing API responses and error messages. However, since the skill is limited to reporting metrics via the
ReadandGlobtools and does not execute the data or perform network writes, this surface is considered a safe byproduct of its primary function. Ingestion point:.claude-trace/*.jsonl. Sanitization and boundary markers are absent in the reported output.
Audit Metadata