Skills
skills/shipshitdev/skills/session-documenter/Gen Agent Trust Hub

session-documenter

Pass

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to use common shell commands like mkdir, cat, ls, find, mv, and grep to manage the lifecycle of session documentation files within the .agents/SESSIONS/ directory.
  • [PROMPT_INJECTION]: The skill has a potential indirect prompt injection surface because it requires the agent to read and extract context from previously generated session files. However, this is a standard requirement for its purpose and is managed within the agent's workspace.
  • Ingestion points: Data is read from .agents/SESSIONS/$(date +%Y-%m-%d).md at session start as described in references/full-guide.md.
  • Boundary markers: Absent; the instructions do not specify the use of delimiters or 'ignore' commands when processing existing session files.
  • Capability inventory: The skill employs bash for file system operations and modification of documentation and task tracking files across the .agents/ directory structure.
  • Sanitization: Absent; the documentation does not outline any sanitization or validation steps for content read from the session logs.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 10, 2026, 09:45 AM