Rapid Convergence
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
DATA_EXFILTRATION, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [DATA_EXFILTRATION] (HIGH): The skill documentation and examples (specifically in reference/strategy.md and examples/error-recovery-3-iterations.md) instruct the agent to access and process session logs located at .claude/sessions/*.jsonl. These files contain historical interaction data which may include private information, sensitive context, or credentials from previous sessions, posing a major privacy and security risk.
- [PROMPT_INJECTION] (MEDIUM): By ingesting and analyzing historical data from session logs, the skill introduces an indirect prompt injection vulnerability. Adversarial content or hidden instructions from previous user queries could be re-processed by the agent, potentially hijacking its current task or manipulating the results of its 'automation effectiveness' analysis.
- [COMMAND_EXECUTION] (LOW): The skill provides several shell command snippets (using grep, jq, ls, and bc) to calculate methodology metrics. While used for data analysis, they demonstrate a pattern of executing commands on the underlying system environment.
Recommendations
- AI detected serious security threats
Audit Metadata