memory-audit

Pass

Audited by Gen Agent Trust Hub on Mar 22, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the Bash tool to perform extensive file system operations, searching for memory indices and calculating directory statistics within ~/.claude/ and .claude/context/.
  • [COMMAND_EXECUTION]: Invokes local Node.js functionality via node -e to call methods from the memory-manager.cjs module for API verification.
  • [PROMPT_INJECTION]: The skill processes untrusted content from memory files, which creates a surface for indirect prompt injection.
      1. Ingestion points: Reads MEMORY.md, learnings.md, and JSON data stores.
      2. Boundary markers: Lacks explicit separators or instructions to ignore instructions embedded within the memory data.
      3. Capability inventory: Uses Bash and TaskUpdate to perform actions and write to the file system based on audit results.
      4. Sanitization: Does not perform validation or filtering of the content retrieved from memory stores before processing.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 22, 2026, 04:50 PM