session-summary
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's primary function is to analyze session history and generate a structured markdown summary. It utilizes the Read and Write tools as intended for local operations without any external data exfiltration or remote code execution patterns.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted user input from the session history. An attacker could embed instructions in previous messages that might influence the summary generation or subsequent file-writing tasks.
- Ingestion points: The skill reads the entire session history (
SKILL.mdstep 1) to identify user inputs and assistant actions. - Boundary markers: None. The workflow does not specify delimiters or instructions to ignore embedded commands within the session history.
- Capability inventory: The skill has access to
ReadandWritetools, which are used to retrieve the template and potentially save the summary to the filesystem. - Sanitization: None. There is no evidence of input validation or sanitization of the content extracted from the session history before it is processed or written to a file.
Audit Metadata