memory-hygiene
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides instructions for destructive shell commands, specifically 'rm -rf ~/.clawdbot/memory/lancedb/', intended for wiping the agent's local memory database.
- [COMMAND_EXECUTION]: Uses a 'cron' action to schedule automated monthly maintenance tasks that include clearing data and re-seeding memory from local files.
- [PROMPT_INJECTION]: An indirect prompt injection surface exists as the skill processes and stores data from 'MEMORY.md' into vector memory.
- Ingestion points: The 'cron' maintenance job involves parsing 'MEMORY.md' to populate the fresh memory database.
- Boundary markers: There are no delimiters or instructions provided to ensure the agent ignores embedded commands within the 'MEMORY.md' file.
- Capability inventory: The skill has the ability to execute system commands, modify configuration via 'config.patch', and manage recurring tasks.
- Sanitization: No procedures are specified for validating or sanitizing the content retrieved from 'MEMORY.md' before it is stored in the database.
Audit Metadata