session-end
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill orchestrates a local session-management workflow without any network operations, remote script downloads, or data exfiltration. All data storage is directed to a hidden local directory.
- [NO_CODE]: The skill contains no executable scripts or binary code; its functionality relies entirely on natural language instructions and configuration metadata.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by ingesting and potentially reloading session context that may include untrusted data from external files or user tasks.
- Ingestion points: Session context capturing file summaries and task logs (SKILL.md).
- Boundary markers: Absent; there are no specific delimiters defined to segregate recorded session data from agent system instructions.
- Capability inventory: No direct subprocess, network, or file-write capabilities are defined within this orchestration skill.
- Sanitization: Absent; the skill does not perform validation or sanitization on recorded session data.
Audit Metadata