session-resume

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE PROMPT_INJECTION COMMAND_EXECUTION
Full Analysis
  • [Command Execution] (SAFE): The skill executes standard local utilities such as ls and git log to summarize project status. It also calls the local scripts ./scripts/log-skill.sh and ./scripts/compound-dashboard.sh, which are intended for session telemetry and status reporting.
  • [Indirect Prompt Injection] (LOW): The skill possesses a vulnerability surface for indirect prompt injection.
      1. Ingestion points: The agent processes file names from todos/, plans/, and docs/solutions/, as well as recent git commit subjects.
      2. Boundary markers: Absent. The gathered context is not wrapped in delimiters that would instruct the agent to ignore instructions embedded in the file names or commit messages.
      3. Capability inventory: The skill has the ability to execute shell commands and local scripts as defined in SKILL.md.
      4. Sanitization: Absent. Data from the filesystem and git history is passed directly into the agent's context without escaping or validation.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:45 PM