agent-memory
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the databricks-langchain[memory] package from official repositories.
- [DATA_EXFILTRATION]: Facilitates the persistence of conversation history and user memories to a Databricks Lakebase instance. Data access is controlled via authenticated request contexts.
- [COMMAND_EXECUTION]: Provides developer instructions for table initialization and application deployment using standard CLI tools like uv and databricks.
- [PROMPT_INJECTION]: The save_user_memory tool (examples/memory_tools.py) represents a surface for indirect prompt injection as it stores model-generated content.
- Ingestion points: data enters through the memory_data_json parameter in the save_user_memory tool.
- Boundary markers: no explicit delimiters or safety instructions are embedded in the tool code to mitigate injection from the stored data.
- Capability inventory: utilizes store.aput, store.asearch, and store.adelete to interact with Lakebase storage.
- Sanitization: the implementation includes validation using json.loads() to ensure the input is a valid JSON dictionary before it is persisted.
Audit Metadata