oma-recap

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes local command-line tools including oma, jq, and date to collect and filter historical conversation data.\n- [DATA_EXFILTRATION]: Accesses the local user file ~/.claude/history.jsonl to read past AI conversation history. This data is processed locally to generate work summaries and is not sent over the network.\n- [PROMPT_INJECTION]: The skill processes untrusted historical conversation data as its primary input.\n
  • Ingestion points: Reads data from ~/.claude/history.jsonl and the output of the oma recap command.\n
  • Boundary markers: No explicit delimiters or instructions are used to distinguish historical prompt content from the agent's summarization instructions.\n
  • Capability inventory: The skill has the capability to execute shell commands (oma, jq, date) and write files to the .agents/results/recap/ directory.\n
  • Sanitization: There is no evidence of sanitization or filtering applied to the historical prompt data prior to analysis.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 12:19 PM
Security Audit — agent-trust-hub — oma-recap