agent-memory
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill identifies the 'agent-memory' NPM package and the vendor's GitHub repository (github.com/molty-assistant/agent-memory) as dependencies. These are recognized as official vendor resources.
- [COMMAND_EXECUTION]: The skill provides instructions to install the 'agent-memory' CLI and execute commands like 'memctl list' and 'memctl digest' for file management and analysis.
- [PROMPT_INJECTION]: The 'memctl digest' feature creates an indirect prompt injection surface by processing potentially untrusted data from memory files.
- Ingestion points: Local memory markdown files read by the 'memctl' tool.
- Boundary markers: No specific delimiters or safety instructions are defined to separate data from instructions.
- Capability inventory: The 'memctl' tool reads file content and interacts with the Gemini API.
- Sanitization: No sanitization or validation of the memory file content is specified in the skill documentation.
Audit Metadata