resume-claude-here
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill's operations are limited to the local filesystem and do not involve external network communication, credential harvesting, or remote code execution. The primary script uses only standard Python libraries.
- [COMMAND_EXECUTION]: The skill executes a local Python helper script (
scripts/claude_session_tool.py) and interacts with theclaudeCLI. These commands are used for session discovery and state restoration within the user's local environment. - [DATA_EXPOSURE]: The skill accesses the
~/.claudedirectory to read session history. While this directory contains sensitive chat transcripts, the skill processes this data locally to fulfill the user's request for context recovery. - [PROMPT_INJECTION]: The skill imports content from past transcripts into the current agent's context. This presents a surface for indirect prompt injection if a previous session contained instructions from untrusted sources, though this is a characteristic of the session-resume functionality rather than a malicious pattern.
Audit Metadata