session-documenter
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): The skill uses well-defined commands (/start, /end) to trigger its documentation workflow. No evidence of instructions designed to bypass safety filters or override system-level constraints was found.
- [Data Exposure] (SAFE): File operations are logically restricted to creating and updating session logs within the project's .agents/ directory. No patterns involving the access of sensitive system files (e.g., SSH keys, environmental secrets) or the exfiltration of data to external URLs were detected.
- [Remote Code Execution] (SAFE): The skill contains no executable code files, dependency manifests (e.g., package.json scripts), or instructions to fetch and run remote scripts.
- [Persistence] (SAFE): No attempts to modify shell profiles, system services, or scheduled tasks were identified; the skill operates purely as a data tracking utility.
Audit Metadata