memory-index
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the
Bashtool to execute a command:memory-hub index <bucket> <file> --topic <name> --summary "<description>" [--anchor <anchor>]. The direct interpolation of variables into a shell string is a known risk for arbitrary command execution if the inputs are not strictly validated. - [PROMPT_INJECTION]: This skill presents an indirect prompt injection surface as it processes untrusted data to modify the system index.
- Ingestion points: Parameters
bucket,file,topic,summary, andanchorare provided during execution, potentially originating from untrusted user content. - Boundary markers: No explicit boundary markers or "ignore instructions" warnings are present in the command template.
- Capability inventory: The skill has
BashandWritecapabilities, allowing it to execute system commands and modify files in the.memory/directory. - Sanitization: There is no evidence of escaping or sanitization for shell metacharacters (e.g.,
;,&,|) in the input fields before they are passed to the bash shell.
Audit Metadata