ReasoningBank with AgentDB
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill utilizes `npx agentdb@latest` which downloads and executes the AgentDB CLI directly from the npm registry. This is considered normal vendor functionality for this skill.
- [COMMAND_EXECUTION]: CLI commands are used to initialize the database and set up a Model Context Protocol (MCP) server via `npx agentdb@latest mcp`, which allows the agent to interface with the local vector database.
- [PROMPT_INJECTION]: The skill implements a learning system that persists agent trajectories, creating a potential surface for indirect prompt injection.
  - Ingestion points: Task outcomes and step-by-step trajectories are ingested via the `rb.insertPattern` API and CLI migration/import tools.
  - Boundary markers: There are no explicit delimiters or 'ignore instructions' warnings shown in the code snippets to separate historical pattern data from active reasoning instructions.
  - Capability inventory: The skill provides a `synthesizeContext` feature which generates natural language narratives from past memories to guide agent behavior.
  - Sanitization: No evidence of content validation or sanitization is present for the ingested trajectory data, which could allow malicious patterns to influence future model outputs.