Skills
skills/bahayonghang/my-claude-code-settings/memory-system/Gen Agent Trust Hub

memory-system

Pass

Audited by Gen Agent Trust Hub on Mar 24, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill implements an indirect prompt injection surface. It retrieves content from local Markdown files and presents it to the agent as context for answering user queries. Malicious instructions placed within these Markdown files could potentially override the agent's behavior if the retrieved content is processed without adequate sanitization or boundary markers.
  • [COMMAND_EXECUTION]: The skill instructions direct the agent to execute a local Python script (memory.py) with various CLI arguments to perform indexing, search, addition, and cleanup operations on the local file system.
  • [EXTERNAL_DOWNLOADS]: The skill depends on the sentence-transformers library, which automatically downloads a pre-trained embedding model (all-MiniLM-L6-v2) from Hugging Face during its first run. This is a standard operation for the tool's core functionality.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 24, 2026, 03:16 PM