distill-memory
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends installing 'nmem-cli' via pip. This is a vendor-specific tool used to support the primary functionality of the skill.
- [COMMAND_EXECUTION]: The skill uses shell commands to interact with the 'nmem' utility for adding and updating memory entries.
- [INDIRECT_PROMPT_INJECTION]: The skill identifies and summarizes breakthroughs from user conversations to store as memory.
- Ingestion points: The agent monitors user interaction for 'breakthroughs', 'decisions', or 'lessons' (SKILL.md).
- Boundary markers: No explicit delimiters or instructions to ignore embedded commands are used during the summarization process.
- Capability inventory: The skill can execute shell commands via the 'nmem' CLI tool.
- Sanitization: There is no evidence of specific sanitization or escaping of the user-provided breakthrough content before it is passed to the shell command.
Audit Metadata