project-memory
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill instructs the agent to read .agents/LEARNINGS.md and 'Apply its guidance silently during execution.' This creates a surface for indirect prompt injection, as an attacker who can influence the content of this file could potentially manipulate the agent's behavior in future sessions.
- Ingestion points: The agent reads instructions from .agents/LEARNINGS.md (SKILL.md).
- Boundary markers: None identified; the agent is explicitly told to apply the guidance 'silently'.
- Capability inventory: The agent has the ability to read and write files and perform network requests (SKILL.md).
- Sanitization: No sanitization or validation of the content within the learning file is specified.
- [EXTERNAL_DOWNLOADS]: The skill fetches version metadata from the author's official GitHub repository to check for updates.
Audit Metadata