Skills
skills/jeremylongshore/claude-code-plugins-plus-skills/memory-kit/Gen Agent Trust Hub

memory-kit

Pass

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through the processing of the MEMORY.md file.
  • Ingestion points: The memory-load and memory-audit commands read the contents of MEMORY.md from the project root into the agent's context (SKILL.md).
  • Boundary markers: The skill does not define explicit delimiters or instructions to the agent to ignore potentially malicious commands embedded within the session data stored in MEMORY.md.
  • Capability inventory: The skill is granted Read, Write, Edit, and Bash(git:*) permissions, allowing it to modify project files and interact with remote repositories (SKILL.md frontmatter).
  • Sanitization: No sanitization or validation of the file content is performed before the agent processes the markdown to restore session state.
  • [COMMAND_EXECUTION]: The skill uses a bash script and inline shell commands for session management and status reporting.
  • Evidence: The SKILL.md file contains inline shell logic to check for the existence and size of MEMORY.md and current-task.md files for UI display.
  • Evidence: The scripts/memory-share.sh script automates staging, committing, and pushing changes to the local git repository's remote.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 21, 2026, 11:28 PM