recall
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE NO_CODE
Full Analysis
- [SAFE]: No malicious patterns, prompt injections, or unauthorized data access were found. The skill serves as a guide for the agent to interact with a context restoration tool.
- [INDIRECT_PROMPT_INJECTION]: The skill processes historical checkpoint data, which constitutes an ingestion point for potentially untrusted data. Because the skill is a developer utility for context restoration, this is intended behavior, and no evidence of exploitation logic is present.
  - Ingestion points: mcp__goldfish__recall tool output in SKILL.md.
  - Boundary markers: None explicitly defined.
  - Capability inventory: No scripts or capabilities (such as subprocess calls, network operations, or file-writing) are defined within the skill itself.
  - Sanitization: None specified.