context-retrieval

Pass

Audited by Gen Agent Trust Hub on Feb 21, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION] (LOW): The skill presents an indirect prompt injection surface through its retrieval of past task data.
    • Ingestion points: Context is retrieved from the 'episodes' database table via semantic and keyword search methods defined in SKILL.md.
    • Boundary markers: The provided Rust implementation snippets do not specify the use of delimiters or 'ignore' instructions for retrieved content when it is passed to the LLM.
    • Capability inventory: The skill is focused on data retrieval and does not demonstrate dangerous capabilities such as arbitrary command execution, file system modifications, or network-based exfiltration.
    • Sanitization: The implementation uses SQL parameter binding (e.g., 'WHERE task_type = ?'), which prevents traditional SQL injection, but the skill lacks validation or sanitization for natural language instructions embedded within the retrieved episodic data.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 21, 2026, 09:21 AM