search-knowledge
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local Python script to coordinate between different storage layers.
- Evidence: Calls to
memory-manager.py --action get-memory-statusandmemory-manager.py --action search-localare used to manage memory layer connectivity and local indexing. - [EXTERNAL_DOWNLOADS]: The skill references and connects to well-known technology services for data storage and retrieval.
- Evidence: Mentions integration with Pinecone, Qdrant, Graphiti, and Supermemory for vector and knowledge graph search operations.
- [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection as it processes data retrieved from external and local databases.
- Ingestion points: Results retrieved from vector databases (Pinecone, Qdrant), knowledge graphs (Graphiti), and local file-system indices.
- Boundary markers: The process description does not explicitly detail the use of delimiters or 'ignore' instructions for the retrieved data content.
- Capability inventory: The agent has capabilities to read local files in
~/.claude-marketing/and execute thememory-manager.pyscript. - Sanitization: No explicit sanitization or validation of the retrieved knowledge content is described before presentation to the user or agent.
Audit Metadata