memory-reflect
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted data from sources that can be influenced by external actors. Ingestion points: The skill reads daily notes (memory/YYYY-MM-DD.md), conversation transcripts, and task files (memory/tasks/). Boundary markers: There are no specified delimiters or instructions to ignore embedded commands within these files. Capability inventory: The process allows for modifying the primary long-term memory file (MEMORY.md) and daily logs. Sanitization: No sanitization or validation of the ingested text is performed before distillation into memory.
Audit Metadata