session-logs
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes shell commands including jq, rg, and awk to parse and filter local log files.
- [DATA_EXFILTRATION]: The skill accesses the ~/.clawdbot/ directory to retrieve conversation history, which qualifies as sensitive data exposure.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests data from prior conversations which may contain malicious instructions. Ingestion points: Historical session data stored in ~/.clawdbot/agents//sessions/*.jsonl are read into the agent context. Boundary markers: The provided command templates do not use delimiters or include instructions to ignore commands within the log content. Capability inventory: The skill employs shell command execution for data extraction. Sanitization: No validation or sanitization is performed on the log content before it enters the agent context.
Audit Metadata