
memory

Pass

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to use the exec tool to run grep commands for searching memory files. This creates a surface for command injection if user-provided keywords are not sanitized before being passed to the shell.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it processes data from past interactions stored in memory/HISTORY.md and memory/MEMORY.md.
  • Ingestion points: Data enters the context from memory/HISTORY.md and memory/MEMORY.md when the agent performs searches or updates.
  • Boundary markers: Absent; there are no delimiters or instructions to ignore commands within the recalled text.
  • Capability inventory: The agent has access to exec for command execution and edit_file/write_file for file modification.
  • Sanitization: Absent; no validation or escaping is applied to historical data before the agent reads and acts upon it.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 8, 2026, 04:52 PM