Skills
skills/taylorhuston/local-life-manager/log-session/Gen Agent Trust Hub

log-session

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • Indirect Prompt Injection (LOW): The skill ingests untrusted data from the user conversation and writes it to the local filesystem, which could lead to data poisoning if the agent interprets future log content as instructions.\n
  • Ingestion points: Recent conversation history and .claude/learning-sessions/index.json.\n
  • Boundary markers: Absent; the instructions do not define delimiters to separate user-provided conversation data from the agent's internal logging logic.\n
  • Capability inventory: The skill is granted Read, Write, and Glob tools for file system manipulation.\n
  • Sanitization: Absent; there is no mention of filtering or escaping conversation content before it is written to the persistent session file.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:29 PM