context-degradation
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious logic, obfuscation, or unauthorized network operations were detected. The skill's executable scripts are boilerplate scaffolds provided by an enterprise bundler and contain no functional code.\n- [PROMPT_INJECTION]: Indirect prompt injection surface identified. The skill's mandatory Memory Protocol requires the agent to ingest historical context from local files, which may contain untrusted data from previous sessions.\n
- Ingestion points: The skill reads from
.claude/context/memory/learnings.mdat the start of operations.\n - Boundary markers: No explicit delimiters or instructions to ignore embedded commands within the memory files are provided.\n
- Capability inventory: The skill uses
Read,Write, andSkilltools, enabling data read from memory to influence file system modifications or downstream skill executions.\n - Sanitization: There is no evidence of sanitization or content validation for the data retrieved from the memory directory.
Audit Metadata