personize-memory
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provided recipes and templates utilize standard third-party libraries for data integration, including @personize/sdk, @hubspot/api-client, jsforce, pg, and mysql2.\n- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it is designed to ingest and process untrusted data from external sources for AI extraction.\n
- Ingestion points: Untrusted content enters the agent context through the memorize and memorizeBatch methods in SKILL.md and recipes/data-sync.ts.\n
- Boundary markers: The documentation does not specify the use of delimiters or 'ignore' instructions for the content being processed.\n
- Capability inventory: The skill utilizes network operations for API interaction and performs data storage across its integration templates.\n
- Sanitization: External content is processed for semantic extraction without specific sanitization filters described in the instructions.\n- [SAFE]: No malicious patterns, unauthorized data exfiltration, or obfuscation were detected. The skill follows standard security practices for managing sensitive information via environment variables.
Audit Metadata