read-working-memory

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill recommends installing the nmem-cli package via pip or pipx. This is a vendor-owned resource from nowledge-co used for the skill's primary purpose.
  • [COMMAND_EXECUTION]: The skill executes nmem wm read and cat ~/ai-now/memory.md to retrieve context. These operations are consistent with the skill's stated purpose of reading working memory.
  • [PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection by ingesting untrusted data from external sources.
      • Ingestion points: Data is ingested from the nmem CLI output and the local ~/ai-now/memory.md file.
      • Boundary markers: No explicit delimiters or instructions are used to separate memory content from the system prompt.
      • Capability inventory: The skill's own scripts are limited to read operations, but malicious content in the memory could attempt to influence the agent's broader capabilities.
      • Sanitization: No sanitization or validation is performed on the ingested memory data.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 12, 2026, 02:13 AM