initiate-memory
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [No Code] (SAFE): The skill is composed entirely of markdown instructions and does not contain any executable scripts, binary files, or automated command triggers.
- [Indirect Prompt Injection] (SAFE): The agent is instructed to read external project data such as README files, package manifests, and git logs. This represents a surface for indirect prompt injection; however, the skill is purely instructional, primary to its purpose, and includes a reflection phase for the agent to verify information quality and completeness.
- [Data Exposure] (SAFE): The skill refers to reading standard project metadata and configuration files (e.g., package.json, .eslintrc) which are necessary for understanding the project's technology stack and do not involve sensitive user secrets or private keys.
Audit Metadata