memory-kit

Pass

Audited by Gen Agent Trust Hub on Apr 4, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes dynamic context injection (exclamation-backtick syntax) in SKILL.md to execute shell commands such as wc and date to display the status of the MEMORY.md file upon loading. Additionally, it executes a local shell script scripts/memory-share.sh to automate git staging, committing, and pushing operations.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it is designed to read and summarize potentially untrusted content from MEMORY.md to restore session context.
    • Ingestion points: MEMORY.md is read by the agent during the /memory-load routine described in SKILL.md.
    • Boundary markers: Absent; the instructions do not define delimiters or warnings to prevent the agent from following instructions that might be embedded within the persisted memory.
    • Capability inventory: The skill has access to Bash(git:*), Read, Write, and Edit tools as defined in the allowed-tools frontmatter of SKILL.md.
    • Sanitization: Absent; the skill summarizes and adopts the state from the file without content validation or sanitization.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 4, 2026, 01:53 PM