memory-schema
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill establishes a workflow for analyzing and validating existing note structures, creating an indirect prompt injection surface.
- Ingestion points: Existing note data processed by
schema_infer,schema_validate, andschema_diff(SKILL.md). - Boundary markers: The system utilizes structural YAML delimiters but provides no specific instructions for the agent to ignore potentially malicious commands within the note body during processing.
- Capability inventory: File modification capabilities including
write_noteandedit_note(SKILL.md). - Sanitization: No methods for escaping or validating the content of processed notes are mentioned before the data influences schema generation.
- [SAFE]: No hardcoded secrets, sensitive file exfiltration, or unauthorized network operations were identified.
- [NO_CODE]: The skill is a documentation-only resource and does not include executable scripts, binaries, or external package dependencies.
Audit Metadata