prune-agent-memory
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill processes and audits content from persistent memory files which could contain malicious instructions.
- Ingestion points: Reads data from all markdown files in the agent's memory directory (SKILL.md, Step 1 and Step 2).
- Boundary markers: Absent. The instructions do not explicitly direct the agent to treat memory content as data only, potentially allowing embedded instructions to be interpreted.
- Capability inventory: The skill has permission to use Bash, Write, and Edit tools to modify the filesystem (SKILL.md).
- Sanitization: Absent. The skill uses shell-based string processing and grep to evaluate memory content directly.
Audit Metadata