update-memory
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute commands such as echo, cat, mv, and jq for maintaining local memory files.
- [PROMPT_INJECTION]: The skill contains a vulnerability surface for indirect prompt injection. Ingestion points: Data such as action descriptions and key facts are pulled from the session and injected into commands in SKILL.md. Boundary markers: No delimiters or safety instructions are used to separate untrusted data from the command strings. Capability inventory: The skill has Bash access and can write to local memory files. Sanitization: There is no evidence of escaping or validation of inputs before they are executed in the shell environment.
Audit Metadata