memory-intake
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection surface identified in the memory intake workflow.
- Ingestion points: The $ARGUMENTS variable in SKILL.md accepts untrusted user input.
- Boundary markers: Absent. The input is interpolated directly into the instructions without delimiters or 'ignore' directives.
- Capability inventory: The skill uses nmem_remember for persistent storage and nmem_recall for searching existing memories.
- Sanitization: No validation or sanitization of input content is performed before processing.
- [DATA_EXFILTRATION] (SAFE): The skill accesses ~/.neuralmemory/config.toml via the context field. This is a local configuration file for the memory system and no network exfiltration tools are authorized.
Audit Metadata