memory-recall

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFE
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data from past interactions, creating a surface for potential indirect prompt injection attacks.
    1. Ingestion points: Reads configuration from .claude/memory-settings.json and content from various memory Markdown files (preferences, conversations, and long-term memory).
    2. Boundary markers: Absent. The skill does not define specific delimiters or instructions to isolate recalled memory from the current instruction set.
    3. Capability inventory: The skill utilizes file reading and grep search capabilities to access local data.
    4. Sanitization: No sanitization or validation of the retrieved memory data is performed before it is integrated into the response context.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 6, 2026, 05:27 PM