meticulous-use-session-data
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill guides the agent to analyze external data from recorded sessions (e.g.,
user-events.json,network-requests/). This data originates from user interactions and external API responses, presenting an indirect prompt injection surface where malicious instructions could be embedded.\n - Ingestion points: Multiple JSON files in
.meticulous/sessions/, such asuser-events.jsonandsummary.json.\n - Boundary markers: Absent; the agent is not instructed to ignore potential instructions within the session data.\n
- Capability inventory: The skill executes shell commands (
meticulousCLI) and performs extensive local file reads.\n - Sanitization: No validation or sanitization of the session data is performed before processing.\n- [DATA_EXFILTRATION]: The skill's primary function is to download and read sensitive session state, including authentication cookies (
cookies.json) and full network request/response bodies. Although these are contained within the local.meticulousdirectory for testing purposes, the agent's access to this data constitutes a significant exposure of potentially sensitive session information.
Audit Metadata