memory-md-management
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Bash tool to execute a find command for locating project memory files. This operation is localized to the repository and intended for discovery purposes only.
- [PROMPT_INJECTION]: The skill ingests untrusted data from project documentation files during the audit process, which creates a surface for indirect prompt injection. This risk is effectively mitigated by the skill's mandatory human-in-the-loop workflow, which requires presenting a quality report and obtaining explicit user approval before applying any edits. The assessment follows the mandatory evidence chain: (1) Ingestion points: CLAUDE.md and related files accessed via Read or find tools; (2) Boundary markers: Absent; (3) Capability inventory: Subprocess discovery (Bash) and file modification (Edit); (4) Sanitization: Absent, relying on user review of proposed changes.