github-copilot-sessions
Pass
Audited by Gen Agent Trust Hub on Jun 27, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a bundled Python script (
search_copilot_sessions.py) to search local session logs. - Evidence:
python3 <skill-dir>/scripts/search_copilot_sessions.py [--project PATH] [--days N] [--limit N] [--no-db] KEYWORD... - Accesses local directories:
~/.copilot/session-store.dband~/.copilot/session-state/. - These paths are standard locations for GitHub Copilot CLI session data.
- [DATA_ACCESS]: The skill specifically targets user-owned Copilot session logs to provide recall capabilities.
- It implements a 'read-minimized' approach by using
grepandsedvia subagents to only extract relevant lines from potentially large (tens of MB) log files. - The data remains local to the agent's execution environment unless the agent includes the summary in its response to the user, which is the primary intended purpose.
Audit Metadata