project-retrospective
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: Spawns parallel background sub-agents using the
Agenttool to process large session history files independently. - [SAFE]: Reads platform session exports from
~/.claude/exports/and writes generated reports todocs/retros/. This file system access is directly tied to the skill's primary purpose of analyzing and documenting project history. - [PROMPT_INJECTION]: As the skill ingests and processes session logs containing user messages and past agent responses, it contains a surface for indirect prompt injection. The use of a strict extraction template for sub-agents serves as a mitigation factor.
- Ingestion points: Session export text files in
~/.claude/exports/{project-name}/(SKILL.md). - Boundary markers: Absent; the sub-agent prompt does not use delimiters to isolate log content from instructions.
- Capability inventory: Sub-agent creation via
Agenttool, and file system writes todocs/retros/andMEMORY.md(SKILL.md). - Sanitization: Absent; the skill extracts data directly from logs without filtering (SKILL.md).
Audit Metadata