Remembering Conversations

Warn

Audited by Gen Agent Trust Hub on May 30, 2026

Risk Level: MEDIUM | COMMAND_EXECUTION | PROMPT_INJECTION | EXTERNAL_DOWNLOADS | DATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill includes an installation script (install-hook) that modifies the platform's ~/.claude/hooks/sessionEnd hook. This persistence mechanism is designed to automatically trigger the conversation indexer in the background after every session to ensure search results remain up to date.
  • [PROMPT_INJECTION]: The skill processes historical conversation data to generate summaries and search results. This creates an indirect prompt injection surface where malicious content from past sessions could potentially be retrieved and influence the current agent context. The skill attempts to mitigate this using structured summarization prompts and boundary markers.
  • [EXTERNAL_DOWNLOADS]: Upon first execution, the skill uses the @xenova/transformers library to download the all-MiniLM-L6-v2 embedding model from Hugging Face's official repository. This is a standard operation for local AI processing using well-known services.
  • [DATA_EXFILTRATION]: To generate summaries of long conversations, the skill sends conversation excerpts to Anthropic's API using the official @anthropic-ai/claude-agent-sdk. This data flow is central to the skill's purpose and uses trusted platform infrastructure.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: May 30, 2026, 03:29 PM