curating-memories
Pass
Audited by Gen Agent Trust Hub on Apr 26, 2026
Risk Level: SAFE
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill describes a workflow that involves querying and processing existing memories, which presents an inherent surface for indirect prompt injection from stored content.
- Ingestion points: Results from `query_memory` calls enter the agent's context for analysis (SKILL.md).
- Boundary markers: The skill does not define specific delimiters or instructions to ignore embedded commands within query results.
- Capability inventory: The skill has the capability to modify persistent storage via `update_memory` and `mark_memory_obsolete` (SKILL.md).
- Sanitization: There is no mention of escaping or validating the content retrieved from the memory store.
- Mitigation: The skill mitigates this risk by explicitly requiring the agent to present a curation plan to the user and wait for a 'Proceed? (y/n)' confirmation before performing any write operations.
Audit Metadata