Skills
skills/jwilger/agent-skills/memory-protocol/Gen Agent Trust Hub

memory-protocol

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSNO_CODE
Full Analysis
  • [PROMPT_INJECTION]: The skill implements a persistent memory system that functions as an ingestion point for indirect prompt injection.
  • Ingestion points: Knowledge is retrieved from the Memento MCP graph using mcp__memento__semantic_search and mcp__memento__open_nodes (as described in SKILL.md).
  • Boundary markers: Absent. The protocol does not instruct the agent to use specific delimiters or to disregard instructions embedded in recalled memory.
  • Capability inventory: None. The skill is documentation-based and does not include any executable scripts or tools.
  • Sanitization: Absent. No validation or sanitization steps are defined for data entering or leaving the memory graph.
  • [EXTERNAL_DOWNLOADS]: The skill mentions an optional dependency on the debugging-protocol skill, which can be installed from the author's own repository using the npx skills add jwilger/agent-skills command (referenced in SKILL.md).
  • [NO_CODE]: The skill is composed entirely of Markdown and YAML configuration files; it includes no executable scripts in Python, JavaScript, or other languages.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 13, 2026, 09:55 PM