agent-memory
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection surface identified through repository-specific documentation.
  - Ingestion points: The skill instructions in both `SKILL.md` and `README.md` specify that if the `AGENTS.md` file exists in the repository root, it will be added to the agent's context automatically.
  - Boundary markers: Absent. There are no specific instructions or delimiters defined to prevent the agent from obeying instructions that might be embedded within the `AGENTS.md` file.
  - Capability inventory: The skill facilitates file system writes and modifications specifically for the `AGENTS.md` file.
  - Sanitization: Present. The skill instructions mandate that the agent must summarize proposed information and obtain explicit user confirmation before writing any data to the repository, which serves as a significant manual checkpoint.