memory-admin
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute local CLI commands (e.g.,
memory-hub catalog-repair,memory-hub discover) and perform filesystem inspections within the.memory/directory. These actions are restricted to maintenance and diagnostic purposes as defined in the skill scope. - [PROMPT_INJECTION]: The skill processes session transcripts through the
memory-hub session-extractcommand, which introduces a surface for indirect prompt injection from untrusted conversation data. - Ingestion points: External data enters the system through session transcript files specified in the
--fileargument. - Boundary markers: No explicit delimiters or instructions to ignore embedded commands within the transcripts are provided in the skill text.
- Capability inventory: The skill possesses the capability to execute shell commands via the Bash tool and perform read operations on the project directory.
- Sanitization: The documentation does not specify content sanitization or validation for the processed transcripts, relying on the CLI tool's internal classification logic.
Audit Metadata