Skills
skills/yonatangross/orchestkit/analytics/Gen Agent Trust Hub

analytics

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by processing and displaying content from untrusted data sources.
  • Ingestion points: Reads command history from ~/.claude/history.jsonl and session logs from ~/.claude/projects/.
  • Boundary markers: Absent; the instructions do not implement delimiters or ignore-instructions to prevent the agent from following commands embedded within the logs.
  • Capability inventory: The skill uses Bash to execute jq and Read to access file contents.
  • Sanitization: Absent; the jq queries extract and display raw message content from past sessions to the agent.
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to run complex jq queries for data aggregation. While these queries are functionally related to the skill's purpose, they involve processing local system data and metadata.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 16, 2026, 07:08 AM