collab-proof

Pass

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes shell commands (git log, git diff, git notes) and inline Python scripts to process metadata and usage statistics from the current development environment.
  • [DATA_EXFILTRATION]: Accesses session history files within ~/.claude/projects/ to extract token usage and interaction turns. While these files contain sensitive conversation data, the access is central to the skill's primary function of analyzing AI collaboration and no network exfiltration was detected.
  • [PROMPT_INJECTION]: The skill includes an indirect prompt injection surface as it processes data from git logs and session history without explicit sanitization.
      • Ingestion points: Conversation logs (.jsonl files) and git commit messages from the local filesystem are read in SKILL.md.
      • Boundary markers: No explicit delimiters are used in the generated HTML and Markdown reports to isolate untrusted session content.
      • Capability inventory: The agent uses bash file redirection and python3 -c to generate the final artifacts.
      • Sanitization: The skill lacks mechanisms to escape or validate ingested text before embedding it in the generated artifacts, potentially allowing malicious content in session logs to affect the output display.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 17, 2026, 12:43 AM