save
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill relies exclusively on specialized MCP memory tools (
write_memory,read_memory,list_memories) to manage session persistence. No suspicious network operations or shell commands were identified across the analyzed files. - [PROMPT_INJECTION]: The skill possesses an Indirect Prompt Injection surface, which is inherent to its functionality of summarizing project files and activity.
- Ingestion points: In
SKILL.mdPhase 1, the agent is instructed to review created or modified files and session decisions to identify content for storage. - Boundary markers: The instructions lack specific boundary markers or warnings to ignore embedded instructions within the processed data.
- Capability inventory: The skill uses
write_memoryandread_memoryto store and retrieve analyzed context. - Sanitization: No explicit sanitization or filtering logic is provided for the data gathered from the workspace before it is written to memory.
Audit Metadata