agent-openai-memory
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE (EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill utilizes the 'databricks-openai' Python package for session management, which is a verified vendor library.
- [PROMPT_INJECTION]: The skill incorporates a session-based memory system that prepends historical conversation data to the current prompt, creating a surface for indirect prompt injection.
  - Ingestion points: Conversation history is retrieved through 'AsyncDatabricksSession' from the Databricks Lakebase storage as described in SKILL.md.
  - Boundary markers: The provided code does not show explicit delimiters to isolate historical context from user instructions.
  - Capability inventory: The agent executes logic using the 'Runner.run' method.
  - Sanitization: No explicit sanitization or filtering of the retrieved history is performed before it is added to the prompt context.
Audit Metadata