mb-init
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to create a specific directory structure including .memory-bank/, .tasks/, and .protocols/, and to seed several markdown files from templates.
- [COMMAND_EXECUTION]: Suggests an optional execution of a local script (node scripts/init-mb.js) to automate the setup process. This is a local vendor-provided tool intended for initialization.
- [PROMPT_INJECTION]: The skill creates 'proxy skills' that function as an indirect prompt injection surface by instructing the agent to load and follow instructions from generated files in .memory-bank/commands/.
  - Ingestion points: Instructions are read from .memory-bank/commands/*.md.
  - Boundary markers: None; the agent is directed to follow the file contents directly.
  - Capability inventory: Includes file system write access and shell command execution (Node.js).
  - Sanitization: No validation or sanitization of the template-generated content is performed.
Audit Metadata