memory-systems
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references and provides implementation examples for several third-party AI memory frameworks including Mem0, Cognee, and Graphiti (Zep). These are recognized technology services and are used according to the skill's primary purpose.
- [PROMPT_INJECTION]: The skill implements a MemoryContextIntegrator that retrieves stored facts and injects them into the agent's context, creating an indirect prompt injection surface.
- Ingestion points: Data enters the context via the store_fact and add methods in scripts/memory_store.py and references/implementation.md.
- Boundary markers: The implementation uses a '## Relevant Memories' header but lacks specific delimiters or system instructions to ignore commands within the retrieved data.
- Capability inventory: All scripts use local computation for similarity and graph traversal; no subprocess execution or network requests were identified.
- Sanitization: No sanitization or escaping of the retrieved content is performed before injection.
Audit Metadata