memories
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The script scripts/memories.sh executes local commands via bun. It uses proper argument handling to prevent shell injection.
- [PROMPT_INJECTION] (LOW): The skill presents an indirect prompt injection surface (Category 8) as it stores and retrieves arbitrary text. 1. Ingestion points: Content and summary parameters in the save-memory command. 2. Boundary markers: No explicit delimiters or instruction-ignore warnings are present in the provided scripts. 3. Capability inventory: The skill can execute local scripts and perform database operations. 4. Sanitization: No sanitization or validation of the stored content is evident in the wrapper scripts.
Audit Metadata