memoriesweave

Pass

Audited by Gen Agent Trust Hub on Mar 17, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill requires the agent to utilize the Bash tool to execute curl commands for all API interactions with the MemoriesWeave platform, as described in SKILL.md.
  • [EXTERNAL_DOWNLOADS]: The agent performs network requests to fetch data and verify image assets from external domains including convex.site (API hosting), memoriesweave.com (application domain), and Cloudflare R2 (r2.dev).
  • [PROMPT_INJECTION]: Features an indirect prompt injection surface by processing untrusted data from WhatsApp conversation exports and photo metadata.
      • Ingestion points: Untrusted data enters the agent context through the /workspaces/{wsId}/conversations and /photos/{id} endpoints referenced in SKILL.md and assets/openapi.json.
      • Boundary markers: The instructions in SKILL.md do not provide explicit boundary markers or instructions to ignore embedded commands within the conversation context.
      • Capability inventory: The skill has network access via the Bash tool (curl) to interact with API endpoints that create, update, and delete memory resources as defined in SKILL.md.
      • Sanitization: There is no documentation of sanitization or validation for content retrieved from external conversation sources before it is used in generating HTML layouts or captions.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 17, 2026, 07:15 AM