skills/seqis/openclaw-skills-converted-from-claude-code/agent-session-chronicler/Gen Agent Trust Hub
agent-session-chronicler
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by design, as its primary purpose is to process and summarize untrusted conversation history into structured documentation.
- Ingestion points: The skill ingests all previous conversation messages to extract project knowledge.
- Boundary markers: The instructions lack specific delimiters or guardrails to prevent the agent from obeying instructions embedded within the conversation data being chronicled.
- Capability inventory: The skill uses tools including
Read,Grep,Glob, andTodoWrite, which allow the agent to read from and write to the local file system based on processed data. - Sanitization: There are no documented steps for sanitizing, escaping, or validating the input data before it influences the output or tool usage.
- [NO_CODE]: The skill consists solely of markdown instructions and metadata. It does not contain scripts, binaries, or commands to install third-party dependencies, which significantly limits the risk of direct malicious code execution or persistence.
Audit Metadata