slack-memory-retrieval
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE PROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill defines patterns for retrieving and processing data from external files, which creates a vulnerability surface where malicious instructions embedded in those files could influence the agent's behavior.
  - Ingestion points: Numerous files and directories under `{memories_path}` including `channels/`, `projects/`, `users/`, `tasks/`, `decisions/`, `meetings/`, and `feedback/`.
  - Boundary markers: Absent; the retrieval patterns do not suggest using delimiters or explicit instructions for the agent to ignore potentially malicious embedded content within the retrieved text.
  - Capability inventory: The patterns involve reading file content (`view`) and executing search commands (`grep`) over the entire memory structure.
  - Sanitization: Absent; no methods for escaping, validating, or filtering the retrieved data are described.
- Command Execution (SAFE): The skill recommends using `grep` and `view` for local file operations. These are standard operations for a retrieval-focused skill and are limited to the `{memories_path}` context.