meticulous-use-session-data

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
  • [PROMPT_INJECTION]: The skill guides the agent to analyze external data from recorded sessions (e.g., user-events.json, network-requests/). This data originates from user interactions and external API responses, presenting an indirect prompt injection surface where malicious instructions could be embedded.\n
  • Ingestion points: Multiple JSON files in .meticulous/sessions/, such as user-events.json and summary.json.\n
  • Boundary markers: Absent; the agent is not instructed to ignore potential instructions within the session data.\n
  • Capability inventory: The skill executes shell commands (meticulous CLI) and performs extensive local file reads.\n
  • Sanitization: No validation or sanitization of the session data is performed before processing.\n- [DATA_EXFILTRATION]: The skill's primary function is to download and read sensitive session state, including authentication cookies (cookies.json) and full network request/response bodies. Although these are contained within the local .meticulous directory for testing purposes, the agent's access to this data constitutes a significant exposure of potentially sensitive session information.
Audit Metadata
Risk Level
SAFE
Analyzed
May 15, 2026, 01:39 PM
Security Audit — agent-trust-hub — meticulous-use-session-data