claude-historian
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill documents an interface for searching historical data, creating an attack surface for indirect prompt injection.
- Ingestion points: The agent is instructed to query
conversations,errors, andfileswhich may contain untrusted data. - Boundary markers: No delimiters or instructions to ignore embedded commands are specified.
- Capability inventory: The skill relies on
searchandinspecttools. - Sanitization: No sanitization methods are mentioned in the skill documentation.
Audit Metadata