memories
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the
bunruntime to execute commands for saving and retrieving memories. A shell scriptscripts/memories.shacts as a wrapper, safely passing arguments to the underlying Bun tasks. - [DATA_EXFILTRATION]: Configuration is managed through environment variables such as
OPENAI_API_BASE_URL. The skill references internal Kubernetes service URLs for its embedding model API, and no evidence of data exfiltration or credential exposure was found. - [PROMPT_INJECTION]: The skill handles arbitrary text content which is stored as embeddings, creating a potential surface for indirect prompt injection.
- Ingestion points: Input content and summaries stored via the
save-memorytask. - Boundary markers: No explicit delimiters or guardrails are defined in the provided script wrappers.
- Capability inventory: The skill can perform database operations and network requests to an embedding service.
- Sanitization: No sanitization of stored content is observed in the provided shell and JSON files.
Audit Metadata