Memory
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes common Unix utilities such as
grep,find,ls, andmvto facilitate searching and organization of the~/memory/directory. These commands are used as intended for local file management. - [PROMPT_INJECTION]: The skill represents a surface for indirect prompt injection because it retrieves and processes information from files that may contain untrusted data. Ingestion points: Markdown files in
~/memory/and workspace files likeMEMORY.md. Boundary markers: Not specified in the instructions for reading stored content. Capability inventory: File system read/write access and execution of search commands. Sanitization: The skill does not implement specific sanitization or filtering for the data it retrieves.
Audit Metadata