precompact
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill is a utility for persisting session knowledge and maintaining an up-to-date memory of tasks and repository state. It operates within the agent's expected working directory and does not exhibit malicious behaviors.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection because it processes untrusted conversation data and repository metadata. 1. Ingestion points: The skill reviews the conversation history and workspace metadata (commit hashes, PR statuses) to update memory. 2. Boundary markers: Absent; there are no delimiters to separate data from instructions during the memory update process. 3. Capability inventory: The skill is authorized to write and update files in the 'auto-memory' directory. 4. Sanitization: No sanitization or validation logic is applied to the ingested data before it is persisted to storage.
Audit Metadata