save-knowledge

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection vulnerability surface. It ingests content from external URLs and user input, storing it in a persistent vector database (Pinecone or Qdrant) for later retrieval via Retrieval-Augmented Generation (RAG).
      • Ingestion points: Untrusted data enters the agent context through the 'Content to store' field and content fetched from user-provided 'URLs to external research'.
      • Boundary markers: There are no boundary markers or instructions to treat stored content as data rather than instructions (e.g., delimiters or 'ignore' warnings are absent).
      • Capability inventory: The skill reads local files in ~/.claude-marketing/, executes a local script memory-manager.py (COMMAND_EXECUTION), and communicates with external vector databases.
      • Sanitization: No sanitization, escaping, or instruction-filtering is applied to the content before it is indexed and stored.
  • [COMMAND_EXECUTION]: The skill executes a local script memory-manager.py with various actions (prepare-store, get-memory-status, log-stored) to handle metadata, hashing, and database preparation.
  • [EXTERNAL_DOWNLOADS]: The skill allows the agent to fetch and process research content from external URLs for long-term storage and retrieval.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 1, 2026, 01:18 AM