skills/ab300819/skills/agent-memory/Gen Agent Trust Hub

agent-memory

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFE  [COMMAND_EXECUTION] [PROMPT_INJECTION]
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the Bash tool to perform 'Universal extraction', which involves executing shell commands such as git log to identify project conventions and scanning the directory structure to determine the technical stack.
  • [PROMPT_INJECTION]: The skill processes untrusted data from the repository (e.g., README files, project configuration manifests, and git history), which presents an indirect prompt injection surface where malicious repository content could influence the agent's behavior during the context distillation process.
      • Ingestion points: package.json, go.mod, Cargo.toml, README.md, git log, and documentation in docs/devdocs/.
      • Boundary markers: Absent; there are no instructions to treat extracted data as untrusted or to use delimiters to separate it from agent instructions.
      • Capability inventory: Read, Write, Glob, Grep, Edit, Bash, and AskUserQuestion.
      • Sanitization: Absent; the skill instructions do not specify validation or filtering of the extracted content before it is incorporated into the memory files.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 27, 2026, 06:37 AM