Skills
skills/yonatangross/orchestkit/analytics/Gen Agent Trust Hub

analytics

Pass

Audited by Gen Agent Trust Hub on May 2, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute jq, wc, ls, and sed for processing and aggregating data from newline-delimited JSON files. While these are standard tools, they are used to process various local system files.
  • [DATA_EXFILTRATION]: The skill accesses sensitive local file paths, including ~/.claude/history.jsonl (which contains command history) and session logs located in ~/.claude/projects/. These files can contain sensitive information about the user's activities, environment, and conversation history. Although the data is processed locally, this constitutes exposure of sensitive information.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes session logs (~/.claude/projects/**/*.jsonl) containing untrusted data from previous user and assistant messages.
  • Ingestion points: CC session logs and OrchestKit analytics files (e.g., agent-usage.jsonl, skill-usage.jsonl).
  • Boundary markers: None identified; there are no specific delimiters used to prevent the agent from interpreting content within session logs as instructions.
  • Capability inventory: Bash (used for jq, ls, wc, sed), Read, Grep, Glob.
  • Sanitization: None; the skill directly processes the log content using jq and presents the results.
Audit Metadata
Risk Level
SAFE
Analyzed
May 2, 2026, 11:04 AM