memory-bank
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill uses authoritative directives to override default agent behavior, mandating the reading of local documentation files as a "non-optional" requirement at the start of every session.\n- [PROMPT_INJECTION]: The skill establishes the
memory-bank/directory as a primary source of truth, creating a vulnerability surface for indirect prompt injection where malicious instructions stored in documentation could influence the agent's behavior.\n - Ingestion points: Local markdown files within the
memory-bank/directory.\n - Boundary markers: None. The agent is not instructed to distinguish between documented context and instructions or to ignore embedded directives.\n
- Capability inventory: The skill performs filesystem operations to initialize and maintain documentation directories.\n
- Sanitization: None. The agent is instructed to trust the content of the memory bank files implicitly as the source of project knowledge.
Audit Metadata