Skills
skills/rysweet/amplihack/session-to-agent/Gen Agent Trust Hub

session-to-agent

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes the amplihack new command to automate the creation of new agent structures. This is a legitimate use of the Bash tool to interact with the vendor's development CLI tool to generate local file structures.\n- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it ingests untrusted data from session transcripts to define the behavior of the generated agents.\n
  • Ingestion points: Reads session JSONL files from ~/.claude/projects/ as described in the reference.md file.\n
  • Boundary markers: Not explicitly defined in the provided extraction prompt templates; the skill relies on natural language parsing of the transcript content.\n
  • Capability inventory: The skill and its generated agents employ Bash, Write, Read, Glob, and Grep tools.\n
  • Sanitization: The skill relies on the underlying LLM's interpretation of the transcript without pre-processing or explicit sanitization of embedded instructions within the session history.
Audit Metadata
Risk Level
SAFE
Analyzed
May 14, 2026, 07:44 AM