agent-memory

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • Indirect Prompt Injection (LOW): The skill has a high surface area for indirect injection because it stores user-provided or user-influenced content as 'memories', which are later retrieved and re-processed by the agent.
      • Ingestion points: The memories/ directory stores files created via cat from user conversations.
      • Boundary markers: Search results from rg are returned to the agent context without explicit delimiters or instructions to ignore embedded commands.
      • Capability inventory: The skill utilizes mkdir, cat, ls, rg, rm, and rmdir for file operations (SKILL.md).
      • Sanitization: No evidence of content sanitization or instruction filtering exists.
  • Command Execution (SAFE): The skill uses basic shell utilities (ls, mkdir, cat, rg, rm) to manage markdown files. These commands are restricted to the local file system and do not include network operations or privilege escalation.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:47 PM