session-log
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill reads and searches historical log files, creating a surface for indirect prompt injection if those logs contain malicious instructions from previous agent interactions.
- Ingestion points:
SESSION.mdand files withinsessions/directories viaread_file. - Boundary markers: Uses Markdown structure and HTML
<details>tags for logical separation, though no explicit 'ignore' instructions are present. - Capability inventory: File system access (
read_file,write_file); no network or subprocess execution detected. - Sanitization: No explicit sanitization or filtering of logged content is defined in the provided logic.- [Data Exposure & Exfiltration] (SAFE): While the skill requires file-writing permissions, it does not target sensitive system paths (e.g., SSH keys or environment files) and contains no network tools for exfiltration.
Audit Metadata