pact-memory
Warn
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The `scripts/memory_init.py` module automatically downloads Python packages (`pysqlite3`, `sqlite-vec`, `model2vec`) from the Python Package Index (PyPI) if they are missing from the environment.
- [REMOTE_CODE_EXECUTION]: Automated package installation via `pip` involves downloading and executing installation scripts, representing a remote code execution surface. The skill also dynamically loads SQLite extensions and imports modules at runtime.
- [COMMAND_EXECUTION]: The skill uses `subprocess.run` to execute external binaries: `pip` for dependency installation in `scripts/memory_init.py`, `vm_stat` for memory monitoring on macOS in `scripts/embedding_catchup.py`, and `git` for project root discovery in `scripts/memory_api.py` and `scripts/working_memory.py`.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface. Ingestion points: data passed to the `save` and `update` commands in `scripts/memory_api.py`. Boundary markers: none; content is formatted as plain markdown in `CLAUDE.md`. Capability inventory: subprocess execution (`git`, `pip`, `vm_stat`) and file system write access (`CLAUDE.md`). Sanitization: none; input fields are interpolated directly into markdown templates without validation or escaping.
Audit Metadata