claude-session-manager
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's primary function is local file processing of Claude Code logs (
/.claude/projects). It reads data from a known application path and writes organized transcripts to a local output folder (/.claude/session-markdown). - [COMMAND_EXECUTION]: The skill uses Python scripts to perform file operations. Analysis of
manage_claude_sessions.pyshows it relies entirely on the Python standard library (argparse, json, pathlib) for its logic, with no use of subprocesses to run external shell commands or network utilities. - [DATA_EXPOSURE]: The skill accesses Claude Code transcripts which may contain sensitive information. This is the explicit and documented purpose of the tool. No mechanisms for data exfiltration to external domains were found.
- [PROMPT_INJECTION]: The skill processes untrusted user data (chat transcripts). It implements a basic sanitization measure by converting Markdown headings within messages into bold text, which prevents the exported transcripts from breaking the structure of the agent's reading context.
Audit Metadata