claude-session-manager

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill's primary function is local file processing of Claude Code logs (/.claude/projects). It reads data from a known application path and writes organized transcripts to a local output folder (/.claude/session-markdown).
  • [COMMAND_EXECUTION]: The skill uses Python scripts to perform file operations. Analysis of manage_claude_sessions.py shows it relies entirely on the Python standard library (argparse, json, pathlib) for its logic, with no use of subprocesses to run external shell commands or network utilities.
  • [DATA_EXPOSURE]: The skill accesses Claude Code transcripts which may contain sensitive information. This is the explicit and documented purpose of the tool. No mechanisms for data exfiltration to external domains were found.
  • [PROMPT_INJECTION]: The skill processes untrusted user data (chat transcripts). It implements a basic sanitization measure by converting Markdown headings within messages into bold text, which prevents the exported transcripts from breaking the structure of the agent's reading context.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 12:05 PM
Security Audit — agent-trust-hub — claude-session-manager