ml-memory
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Data Exposure & Exfiltration] (SAFE): No unauthorized data access or network communication detected. The skill explicitly includes a validation rule (memory-no-user-scope) to prevent cross-user data leakage in database queries.
- [Prompt Injection] (SAFE): No instructions attempting to bypass safety filters or override system prompts.
- [Indirect Prompt Injection] (SAFE): The skill defines a memory data surface with built-in mitigations. 1. Ingestion points: memory data processed in reference patterns. 2. Boundary markers: absent. 3. Capability inventory: database operations (self.db) in code snippets. 4. Sanitization: user scoping and contradiction checks.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): No remote scripts or dynamic code execution patterns are present. The Python examples use standard library modules (uuid, math, datetime).
Audit Metadata