forge-memory
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill requires the execution of a setup script at
~/.claude/skills/forge/scripts/forge-memory/setup.shto initialize the environment. This script is located in the author's expected local directory. - [PROMPT_INJECTION]: The skill indexes various Markdown files to create a searchable memory, which exposes the agent to indirect prompt injection. * Ingestion points: Content is ingested from
.forge/memory/and thedocs/directory. * Boundary markers: No explicit markers or instructions to ignore embedded commands are described in the documentation. * Capability inventory: The tool performs file system operations, SQLite database management, and executes local vector embedding processes. * Sanitization: There is no mention of sanitizing or validating the indexed Markdown content to prevent malicious instructions from being stored and retrieved.
Audit Metadata